Encryption & Key Management , Privileged Access Management , Security Operations

Five Actions That Will Immediately Improve SSH Security

Avoid Unwanted Privileged Access to Your Critical Systems and Data

Unused or unmonitored SSH keys grant alarming levels of privileged access beyond users, proliferating into your machine-to-machine communications and services. Learn how securing your SSH inventory beyond your PAM solution helps compliance with NIST, FISMA, and CDM along with five steps you can take today to strengthen SSH security in this presentation.

It's surprising how easily your SSH keys can become vulnerable, and even walk out the door with prior employees and contractors - whether maliciously or innocently. When that happens, cyber criminals or malicious insiders can misuse your SSH keys to gain privileged access to your critical systems and data.

In this presentation, you will learn:

  • The impacts of SSH security on compliance with NIST 800-53, 800-171, FISMA and CDM
  • The biggest risks facing your SSH inventory
  • Strategies for preventing the misuse of SSH keys
  • Five actions that will immediately improve SSH security

About the Author

Paul Turner

Paul Turner

CTO for Products, Venafi

Turner has worked directly with many of the world's largest Global 2000 companies to solve security and operational challenges related to cryptographic key and certificate management. In addition to working with and presenting at IEEE, IETF and ISACA, Turner has worked closely with the NIST, where he coauthored the July 2012 Information Technology Laboratory (ITL) bulletin, Preparing for and Responding to Certification Authority Compromise and Fraudulent Certificate Issuance, and the NISTIR 7966, Security of Interactive and Automated Access Management Using Secure Shell (SSH). Prior to Venafi, Turner was a vice president for Novell's Resource Management group and served as vice president of product management at CertCo, a spinout from Bankers Trust that delivered public key infrastructure (PKI) and secure electronic commerce solutions to the financial services industry.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing ffiec.bankinfosecurity.com, you agree to our use of cookies.