At Infosec 2012SSH Communications Security unveiled the first new extension of its SSH Information Integrity Platform, SSH User Key Management. The module will serve to provide enterprises the ability to identify, organise and maintain trust relationships of applications, user and service accounts to their respective target SSH and OpenSSH servers through the management of public and private keys.In a separate announcement, SSH Communications has appointed HANDD, the International Security and Compliance specialist, as its exclusive distribution partner in Europe, Middle East and Asia. HANDD will operate an SSH centre of excellence that provides 24/7 global support to over 50 enterprise customers, including four of the UK's largest banks.
"Enterprises most critical data and applications are often transported and housed on SSH and OpenSSH servers. Those enterprises using public key authentication to manage access to those servers are faced with a significant challenge today in terms of knowing who and what may access those servers. This is not only a major security and compliance risk, however it is also a cost issue, whereas many organisations manage this function manually with little or no oversight," states Tatu Ylnen, CEO of SSH Communications Security.
The Universal SSH Key Manager will function as an extension of SSH's ability to control and manage another facet of the SSH infrastructure already prevalent in today's enterprises. SSH already has the ability to centrally manage configurations, deployments, policies and host keys for its own commercial Tectia SSH variant as well as OpenSSH.
"We are excited to work closely with our key customer pilots to ensure that we address the primary problems they face today in managing their SSH environment. We have approached solving this problem from the perspective that any solution we provide must improve process, decrease operational costs, mitigate the current risks they face in managing their SSH user keys and finally ensure that they are compliant under PCI-DSS, SOX and HIPAA standards," summarised Matthew McKenna, Head of Sales and Marketing.
On the SSH Communications and HANDD partnership, Anthony Hodges, CEO HANDD commented: "Today SSH is one of the most widely used security protocols in the world with over 3000 global organisations using the data-in-transit solution for moving information. While organisations have enjoyed a robust security solution preventing both internal and external data losses, managing the SSH key overhead has become a colossal task."
Continued Hodges: "Enterprises are facing huge manpower and cost implications as auditors demand regular host SSH key rotation as part of their security policy and a FTSE company is estimated to typically spends over $2 million a year managing this overhead. The arrival of SSH in the market will provide enterprises with a solution to manage the SSH overhead and significantly mitigate security risks."
Add a Comment
No messages on this article yet