HELSINKI and WALTHAM, Mass., July 27, 2016 /PRNewswire/ -- Secure Shell (SSH) authentication management has suffered from poor governance for years, creating a security crisis for corporate networks around the world. The responsibility for provisioning and deprovisioning SSH credentials rests with multiple stakeholders, while cyber criminals exploit this fact through the use of valid SSH keys to bypass security.
SSH Communications Security, inventor of the SSH protocol, is able to help organizations overcome the complex security and compliance challenges associated with key management.
- Risks of poor management: Forensic investigations into high-profile data breaches have found evidence that SSH weaknesses may have given attackers an advantage over network and endpoint defenses. A recent white paper sponsored by SSH Communications Security outlined "unacceptable" risks associated with unmanaged SSH keys, including runaway keys that are no longer in use but still functional, unchecked access rights, poor development processes and negative audit findings.
- Visibility and control needed: Co-authored by SSH CEO Tatu Ylönen to provide guidance for organizations to effectively manage Secure Shell access to sensitive data, the recent NIST IR 7966 calls for appropriate management of trusted access for critical infrastructure. This requires organizations to have visibility into and control of SSH keys so that they can manage the unforeseen risks and adhere to various regulatory frameworks.
- Addressing the challenges: SSH Communications Security's Universal SSH Key Manager (UKM) addresses key management challenges by monitoring, controlling and automating trusted access to critical data. UKM bridges the trusted access security gap for customers in all industries and verticals, improving security, visibility and compliance.
To learn how organizations can overcome the challenges associated with SSH user keys, a copy of the full white paper from IDC, "SSH Governance Is Needed to Reduce Risk & Bridge the Trusted Access Gap," is available for download at http://info.ssh.com/idc-white-paper-ssh-risk-governance-2016.
Tatu Ylönen, CEO, SSH Communications Security, said:
"As the number of data breaches perpetrated with stolen SSH keys rises, organizations need to face the fact that they probably have thousands of keys that have been abandoned but never revoked – just waiting to be exploited. The state of cybersecurity today and the new NIST guidelines require SSH key governance and point to the fact that authentication management has never been more critical."
About SSH Communications Security
SSH Communications Security (NASDAQ OMX) is a leading provider of enterprise cybersecurity solutions that monitor, control and automate trusted access to critical data. The company's long track record of innovation includes Secure Shell (SSH) - one of the world's most widely used network security protocols. Demanding customers worldwide trust our flagship Universal SSH Key Manager® and other solutions to manage access, enhance security, and achieve compliance. The Company sells direct through offices in North America, Europe and Asia and through a global network of certified partners. Access more at www.ssh.com
SOURCE SSH Communications Security