A Solution To The Risk Posed By A Lack Of SSH Key Management

For companies and organisations today who have widespread SSH and OpenSSH deployments using public key authentification, the risk of exposure remains significant. The lack of defined and implemented processed to manage the set up an SSH key and their removal and rotation creates a situation around an ever increasing number of trust relationships which is far too difficult to control. This is particularly the case if it is a manual process as it can be extremely time consuming.

What’s more, with the normal cycle of organisational changes that large organisations face, typical merger and acquisition activity, general employee turnover and the migration towards virtual environments, the lack of SSH Key management can become a serious critical security risk that organisations simply must address to avoid unnecessary risks to their organisations. As auditors and security chiefs also attest, the importance of good and safe user SSH key management is a pre-requisite to good house-keeping and compliance to best practice data security management.

There are other alternatives to the manual process such as Kerberos and the use of x.509 certificates which will also address the challenges relating to public key authentication, however, each comes with their own limitations and complexities.

On the other hand, taking the approach of using the already existing authentication infrastructure gives large scale enterprises a quick, efficient and cost-effective manner to gain visibility over the outstanding trust relationships in the organisations’ setting. Once this visibility has been achieved, a solution such as the Universal SSH Key Manager provides a quick path, to not only organising these trust relationships into logical groups but makes the move towards a completely automated SSH key management process which includes full deployment, unit changes and key removal and rotation far far easier.

If you take into consideration the investment and effort that in many cases, has been put into the organisation over the years, the SSH Key Manager can leverage and safeguard this investment and provide enterprises with a sensible solution to a major security concern.

Whilst not exactly managed or secure file transfer, the SSH key manager lies neatly alongside those products in that it effects the security of files which are accessed and transferred by users, whether they be human or servers. The SSH User Key Manager is an additional product that should be considered by all organisations using SSH keys and that have a large number of servers or users. The higher the number of servers or users, the greater the risk that is being run that can be eliminated in an easy solution.

HANDD Business Solutions Ltd are specialists and consultants in data-centric security solutions. They provide consultancy and advice on Data Classification, Managed and Secure File Transfer and SSH User Key Management. They have offices or representation in the UK, Mainland Europe, Middle East, Asia Pacific and the US. They sell and distribute software on behalf of Titus, Varonis, Ipswitch, GlobalSCAPE, Linoma, SSH, Attachmate and South River Technologies.