Banks, insurance companies, brokerages, credit unions, etc. all use Secure Shell for business processes critical to day-to-day operations and for bringing new services online. However, Secure Shell is often viewed as “part of the plumbing” and typically does not get much attention from Compliance, Audit or Security. This mindset is rapidly changing. Poor controls over Secure Shell environments have contributed to costly data breaches and compliance violations. This white paper provides basic information on security and compliance issues as well as best practices for management and controls over Secure Shell environments within the financial services industry.