Strengthened Compliance Requirements Around Secure Shell Access Controls Becoming Reality for Banks and Other Financial Institutions
HELSINKI, Finland and WALTHAM, Mass. – SSH Communications Security, known the world over as the inventor of the ubiquitous Secure Shell and SFTP protocols, today announced that its Universal SSH Key Manager™ (UKM) solution enables banks and other financial institutions to meet the Technology Risk Management Guidelines of the Monetary Authority of Singapore (MAS), Singapore’s central bank.
Key News Facts:
In June of 2013, MAS made updates requiring that financial institutions:
- Prevent unauthorized access, misuse or fraudulent modification through proper access controls and continuous monitoring of authentication keys in the environment
- Put in place effective measures to prevent internal sabotage, malware infestation or other attack vectors that could cause severe harm or disruption, such as transitive trust attacks targeting unmanaged authentication keys that enable attackers to rapidly hop from machine to machine
- Implement a physical or logical segregation of duties and utilize a “least privilege” approach to access controls, such as ensuring authentication keys used by development are not passed on to production machines to create unauthorized access paths between non-production and production environments
Last year, a top global bank with a significant market presence in Singapore selected UKM along with the SSH Key Remediation Services to begin the process of bringing its Secure Shell environment under control. UKM has enabled the bank to monitor, manage and inventory its keys in line with MAS recommendations as well as other compliance mandates including SOX, PCI DSS and others.
SSH will be holding a webinar related to this topic as follows:
Tatu Ylönen, CEO and founder of SSH Communications Security, said:
“Compliance bodies are quickly adopting language specific to Secure Shell systems access control and monitoring. The Monetary Authority of Singapore has been on the leading edge of reform because it recognizes the risks and wants to protect consumers and businesses from the devastating impacts of a widespread data breach. With Universal SSH Key Manager, our customers are staying ahead of the trends and are already in good position to pass upcoming PCI v3 audits relating to Secure Shell access controls as well as other compliance mandates.”
About SSH Communications Security
Founded in 1995, SSH Communications Security is the company that invented the SSH protocol - the gold standard protocol for data-in-transit security solutions. Today, over 3,000 customers across the globe - including seven of the Fortune 10 - trust our Information Assurance Platform to secure the path to their information assets. We enable and enhance business for thousands of customers in multiple industries in the private and public sectors around the world. A fast-growing company, SSH Communications Security operates in the Americas, Europe, and APAC regions, with headquarters located in Helsinki, Finland. The company shares (SSH1V) are quoted on the NASDAQ OMX Helsinki.
For more information on SSH Communications Security please visit www.ssh.com.