eyeOS’ philosophy is based on two concepts: defense in depth and separation of duties. Our philosophy is to reduce public services, provided it is configured with a good default security policy. Apart from that, eyeOS is frequently checked both manually and automatically to mitigate risks. In the event of doubt, several tools are supplied for the end user to decide the security level that they want to give their eyeOS.
Management & Communication
The virtual appliance has host-based protection, with zero outside dependency. For that reason, the only channels for managing the solution are via SSH and the Admin Panel in eyeOS. The Admin Panel contains tools for diagnostic, activation of automatic updates, configuration of own SSL certificates, backup creation management, etc.
Web Application (Development)
As a web application, protection is in-built in its design. From its outset, a framework has been used for managing the security of all operations performed. Using these functions, programmers won’t have to worry about permissions or special characters. Proper log management, specific security tests to maintain system integrity, continuous personnel training, error and warning management, automatic request blocking, single sign-on integration with other portals, access to public files using password and expiry date, and a long list of other similar details have been incorporated to reduce the impact in the event of negligence.
Our vision / The Future
Seeking to be a global leader, eyeOS continues working along this line, progressively incorporating improvements in the field of secure HCI in the branches of the system in order to extend protection measures while still making them invisible for the end user.