Most companies I’ve worked at where employees had a Microsoft work computers. They were under heavy control, even with admin privileges. I was wondering, for a corporate environment, how employees’Linux desktops could be kept under control in a similar way. What would be an open source or Linux based alternative to the following:

  • policy control
  • Software Center with software allow lists
  • controlled OS updates
  • zscaler
  • software detection tool to detect what’s been installed and determine if any unallowed software is present
  • antivirus
  • VPN

I can think of a few things, like a company having it’s own software repos, or using an atomic distribution. There’s already open source VPN solutions if course. But for everything else I don’t really know what could be used or what setup we could have.

  • gaael@lemmy.world
    link
    fedilink
    arrow-up
    0
    ·
    7 months ago

    For the execution, can’t you configure the fstab with noexec on partitions where the user has write permissions and give the user read-only permissions on the root partition ?

    I think this would be fine for most jobs, the exception being software development where you usually need to execute stuff to test your programs.