Streaming video giant Netflix has released its Stethoscope web application as open source to help workers make informed decisions on device security.
Netflix engineers Jesse Kriss and Andrew White said the idea behind Stethoscope was to collect information on their devices so as to give them clear and concise recommendation on how to secure them.
A more active approach to device security by users avoids heavy-handed policy enforcement while providing people with the freedom to work as they see fit, they said.
"We believe people are most productive and effective when they they aren’t hemmed in by excessive rules and process," the two Netflix engineers said.
Stethoscope can be used to collect information on both desktop and mobile devices. It retrieves information from enterprise management systems such as JAMF, LanDesk and Google's G Suite mobile device management.
Security practices such as disk encryption, firewall status, screen saver lock and password, operating system patching and auto-updating are evaluated by Stethoscope, along with device rooting and jailbreaks, and whether or not monitoring software tools are installed.
Stethoscope requires Python for the back end. The Nginx web server and reverse proxy and can be run as a Docker container.
The software is available on the Github open source code repository under an Apache 2.0 licence.
iTnews Executive Retreat - Security Leaders Edition
_(1).jpg&h=140&w=231&c=1&s=0)
