In this blog post, we’ll examine a few security best practices around group, password and shadow files – and evaluate the IT Best Practices rules and see why and how they have to be modified slightly for Debian-based systems when we implement them in the Assimilation suite.