Resources

As the inventors of the SSH protocol, SSH Communications Security is the recognized leader for securing the path to your information assets. Learn how SSH Communications Security products help you protect your information assets while meeting or exceeding regulation mandates. SSH Communications Security customers have saved time and money by utilizing our Information Assurance Platform. So can you.

A Global Financial Institution: Regaining Control of Trusted Access

A global financial giant was alerted to the unmanaged state of trusted access within their network. An internal audit revealed developers’ unmanaged and uncontrolled Secure Shell (SSH) access to the thousands of Unix and Linux systems that run th…

Sarbanes-Oxley and Big Oil

This is a case study of our customer, a multinational energy company that deals in oil and gas, who chose Universal SSH Key Manager® as the solution for managing their SSH environment.

Kuppingercole: Executive View on Universal SSH Key Manager

Kuppingercole, Europe's leading identity and access management analyst, published an extensive review of our Universal SSH Key Manager.

Universal SSH Key Manager

In today's complex enterprise environments it is nearly impossible to map the trust relationships between individual users, system accounts and application ID's to their respective targeted destination SSH servers. Our Universal SSH Key Manager provides the only truly enterprise grade SSH user key m…

ReadySpace Delivers Secure Cloud Services with CryptoAuditor

ReadySpace empowers privileged access and data security in their cloud environment with CryptoAuditor from SSH Communications Security. CryptoAuditor is a transparent privileged user monitoring solution that monitors encrypted connections to and fr…

The Myth of SSH Key Management in the Privileged Access Paradigm

Joe Scaff, Director of Global Support and Matthew “The Protocol Pirate" McKenna, Chief Strategy Officer and their webcast presentation on the myth of SSH key management as part of the privileged access management paradigm.

Major Financial Services Company Gains Visibility & Control Over External Contractors

An international financial services company that serves 45 of the world’s Top50 banks faced a possible security and compliance audit of their critical IT infrastructure. Th…

What Health Organizations Need to Know about SSH Key Management

Health Care Information in the Regulatory Spotlight - including HIPPA compliance.

The Myth of SSH Key Rotation - SSH Mythcracker Webcast Series

Joe Scaff, Director of Global Support and Matthew McKenna, Chief Commercial Officer discuss the most common myths around SSH key rotation. We see a lot of compliance mandates and security policies that tell us why key rotation is so important and in …

The Myth of the SSH Private Key - SSH Mythcracker Webcast Series

Joe Scaff, Director of Global Support and Matthew McKenna, Chief Commercial Officer cover the most common myths around SSH key rotation. We see a lot of compliance mandates and security policies that tell us why key rotation is so important and in so…

Clearmanage Boosts Cloud Security with CryptoAuditor

Clearmanage, based in Singapore with operations in Asia and the Middle East, provides cloud services, cloud infrastructure, hosting services, advanced security solutions and services for government agencies and enterprises.

CryptoAuditor: Extend the Reach of Your Firewall

Monitor, audit and control encrypted privileged access as a simple extension to your advanced firewall without disrupting existing process flows or network topology.

Universal SSH Key Manager Restores Compliance and Reduces Risk at Top 5 Global Bank

Learn how this top 5 global bank reduced the risk of unauthorized access and met compliance mandates by implementing IAM controls in their Secure Shell environment

What You Need To Know About NIST Guidelines for Secure Shell (SSH)

NISTIR 7966 details everything an individual needs to know about the SSH protocol and the security of interactive and automated access management using SSH, its wide usage and how to manage the deployments based on industry best practices. Learn mor…

Tectia SSH Client/Server Datasheet

From the company that invented the SSH protocol, Tectia SSH Client & Server is the gold standard data-in-transit security solution providing the strongest levels of encryption across multi-platform environments.

Tectia SSH Server for IBM z/OS

Tectia SSH Server for IBM z/OS is the first enterprise security solution to fully integrate SSH and SFTP to the IBM z/OS platform for secure mainframe access.

NIST Guidance Cheat Sheet

NISTIR 7966, titled “Security of Interactive and Automated Access Management Using Secure Shell (SSH)”, was published as an official standard as of October 2015. This report has great significance for organizations that use SSH – which is just about every medium to large enterprise, most gover…

The Myth of SSH Key Discovery - SSH Mythcracker Webcast Series

How can you easily determine where your keys are located and how can you get control of the people using them? Joe Scaff, Director of Global Support, presents about the most common myths around ssh user key discovery and how discovered data points ca…

CryptoAuditor

CryptoAuditor is a transparent and centralized real-time privileged access monitoring and auditing solution that enables organizations to control trusted insider data transfer activities on the fly and without any impact on remote administrators. CryptoAuditor is designed to reduce potential securit…

Secure Shell HealthCheck

Many organizations use Secure Shell for privileged access to systems and data across the enterprise, yet few organizations have ever examined their deployments of Secure Shell for data breach risk and compliance exposures. Secure Shell HealthCheck is a security assessment service that delivers a det…

A Secure Shell Guide for PCI DSS Compliance Version 3.1

This white paper takes a closer look at how use of Secure Shell in cardholder data environments (CDE) relates to the specific intent, guidance and requirements of PCI DSS Version 3.1 The paper gives detailed guidance on what Quality Security Assessors and Internal Security A…

Preventing Data Loss Through Privileged Access Channels

Trust is no longer a guessing game. Read this white paper to gain immediate visibility and control on encrypted third-party access within your network.

PCI DSS Gap Assessment Best Practices Guide

Use this guide to assess your state of PCI compliance. It contains key areas of focus an organization should consider before beginning a formal PCI audit which is best addressed via a PCI Gap Assessment.

Achieving Effective Compliance: Hong Kong Monetary Authority’s General Principles for Technology Risk Management

General Principles for Technology Risk Management [TM-G-1] (version V.1 ­ 24.06.03), published by Hong Kong Monetary Authority (HKMA), gives financial institutions instructio…

A Secure Shell Guide for Basel II and Basel III

This white paper explains the nature of Basel II control objectives for IT security, which includes requirements that pertain to Secure Shell.

How Misplaced Trust Can Render Your DLP Ineffective

The new SSH application note authored by Tommi Lampila, VP APAC, presents the scenario and the tangible steps organizations can take to gain the visibility required for security and compliance. Download the Application Note for further details!

CryptoAuditor

Deploying CryptoAuditor is easy – just request an evaluation license and start auditing encrypted traffic! Fill in the form to request your license and immediately receive it in your email inbox.

SSH Tectia Server Trial Download

Try Tectia SSH Server free for 45 days! Tectia SSH Client & Server is an enterprise-class solution for securing system administration, file transfer and application connectivity in heterogeneous enterprise networks. Tectia SSH Client provides strong, FIPS 140-2 certified enc…

Privileged Access Auditing in the Cloud: Don't be Blinded by Encryption

Encryption is the cornerstone of security but also hides potential misuse of privileged access – both interactive and machine-to-machine. Privileged access is the target of most attacks, and successful exploits have the most severe consequences. …

The SSH of Things Webcast - The Anatomy of a Secure Shell Audit

Security starts from awareness and visibility. Watch SSH Communications Security’s deep dive webcast about hidden risks found from real audits of financial services’ secure shell ecosystems.

Attention CISOs: Secure Shell Key Management is Vital to Your Identity and Access Management Strategy

An SSH Key Management Strategy is a critical part of your Identity and Access Management program. Learn what recent research from Gartner and SSH Communications Security has r…

Interview with SSH's new CEO, Harri Koponen

Harri Koponen, 51, eMBA, Dr. Econ. (h.c.), joined SSH at the beginning of October as our new CEO. I took a few minutes of his time to hear where he comes from, what his views are on the current IT security market, and what his focus will be in the near future.

Trust Management in Data Centers Needs CISO Attention (featuring Forrester Analyst John Kindervag)

Guest speaker and Forrester analyst, John Kindervag reviews the current state of trust management in data centers, how current trends in data center automation are making thin…

[Infographic] 4 Steps to SSH Key Management

Your enterprise may have more Secure Shell trust relationships than employees. A lot more. Follow these four steps to gain visibility and control over your Secure Shell environment.

New NIST Guidelines for Secure Shell: What CISO’s Need to Know

Most commercial enterprises and government agencies face serious operational risks due to a lack of management and control over their deployments of Secure Shell. On August 20, 2014 NIST released a comprehensive set of Secure Shell deployment guideli…

The Black Blob of Death Threatens Your Data Center

The "blob" shows us the trust-relationships using Secure Shell key authentication inside a regional bank’s data center. This topological view of trust-relationships demonstrates how a lack of proper access controls in Secure Shell environments can create a real security ri…

What Financial Institutions Need to Know About Secure Shell

Banks, insurance companies, brokerages, credit unions, etc. all use Secure Shell for business processes critical to day-to-day operations and for bringing new services online. However, Secure Shell is often viewed as “part of the plumbing” and typically does not get much…

Heartbleed: You Stopped the Bleeding, But Did You Fix the Problem?

This webinar shows us how attackers can use Heartbleed to steal information directly from servers and then leverage that information to penetrate deep into your infrastructure – even after you have patched every server.

NISTIR 7966 Explained

August 20, 2014 marked the arrival of the NIST Interagency Report 7966. The release of this report has great significance for organizations that use Secure Shell – which is just about every medium to large enterprise, most government agencies and many large non-profits. So what is NISTIR 7966 all …

Save Your CEO From A Major Cyber-Attack

When a high-profile breach happens, heads are going to roll. CEOs, CISOs, and other key executives often get the boot for not doing enough to protect the company, its brand, and its customers. In this webinar, we will touch on some of the risks senior-level employees face wh…

CryptoAuditor: An SSH, SFTP and RDP Firewall

Is your perimeter security strategy ready to address today’s complex and highly targeted threats? Time and time again, we see the headlines...yet another enterprise exploited via encrypted networks. With massive investments in SIEM, DLP, IDS and other layered security s…

Global IT Services and Cloud Hosting Provider Gains Ability to Monitor, Audit & Control Privileged Users in the Cloud

Discover how a major global IT services and cloud hosting company strengthened their security posture, met compliance and satisfied customers' SLA requirements

Universal Key Manager (UKM) Demo Video

Your enterprise may have more Secure Shell identities than employees. A lot more. Gain visibility and control over who has access to what and when, with the only comprehensive identity and access management solution for Secure Shell. Watch the UKM demo for more first hand in…

Universal Key Manager (UKM) Video Demo

Your enterprise may have more Secure Shell identities than employees. A lot more. Gain visibility and control over who has access to what and when, with the only comprehensive identity and access management solution for Secure Shell. Watch the UKM demo for more first hand in…

Tatu Ylönen: The Future of Encryption

Tatu Ylönen on the future of encryption in the wake of Edward Snowden's NSA revelations, the Heartbleed vulnerability & newly discovered APT's.

ConnectSecure - Watch the Video Demo

ConnectSecure is an advanced Tectia SSH Client that makes automation easy. ConnectSecure is ideal for adding encryption to existing automated file transfer processes and makes it easy for your application developers to use encryption.

Open Source: The 'Take a Penny, Leave a Penny' Culture

A follow-up to the blog "Free Can Make You Bleed", John Walsh continues the discussion about open source projects.

Oh My Gosh, You've Got A Million Secure Shell Keys!

Lessons Learned from Managing the Largest Secure Shell Key Management Project in the World

A Case Study Webinar: Securing File Transfers in z/OS

A global manufacturer needed a solution to seamlessly convert FTP jobs. Watch this brief 15 minute webinar and find out how the Tectia for z-OS solution met all their requirements and helped them pass their IT Security Audit.

Advanced Privileged Identity Management

Find out how your organization can move beyond the gateway approach to PIM

CryptoAuditor Video Demonstration

See How Encrypted Channel Monitoring Enhances Your Security Posture.

It Could Happen to You: APT “The Mask” (aka Careto) Targets the Keys to the Kingdom

This webinar provides you with a framework designed to help you control access to your environment and prevent a compromised key from becoming an organization wide/existential…

SSH at the 2014 RSA Conference

We stole a few minutes with Jonathan Lewis, Director of Product Marketing at SSH Communications Security to discuss the buzz at RSA this year and what SSH has to offer.

Exposed: A Malicious Insider's Guide to Compromising Encrypted Networks

Malicious insiders know how to compromise your encrypted networks. Find out how they are going to do it so you can stop them in their tracks.

The Rise Of IT Automation And The New Security Imperatives - Forrester Report

Growth in M2M Processes Requires a Fresh Approach to Security

Tectia SSH Client Trial Download

Try Tectia SSH Client free for 45 days! Tectia SSH Client & Server is an enterprise-class solution for securing system administration, file transfer and application connectivity in heterogeneous enterprise networks. Tectia SSH Client provides strong, FIPS 140-2 certified enc…

ConnectSecure

Try ConnectSecure free for 45 days! ConnectSecure, our advanced SSH client, enables enterprises to easily secure any FTP file transfer without having to modify the existing infrastructure, scripts or applications. Tectia ConnectSecure provides enhanced secure file transfer capabilities for today's d…

Do You Know Where Your Keys Are?

Want to Reduce Your Risks and Save Money? Learn About SSH Key Management Best Practices and How Universal SSH Key Manager Can Help

Global Automobile Manufacturer Secures Mainframe Communications with Tectia for z/OS

View this 15 minute presentation to hear how a major international automobile manufacturer was able to secure critical data transfers between their US and European operations.

OpenSSH Key Management & Control Webinar

Want to Take Control of Your OpenSSH Environment? Watch this Webinar to Find Out How SSH Communications Security Can Help

Media Company Lowers Risk and Gains Operational Efficiency with Universal SSH Key Manager

How Universal SSH Key Manager delivered the visibility and management controls that enabled this media company to restore compliance and reduce overall risk.

SSH Key Mismanagement? Prevent Your Company From Being the Next Security Breach Headline

How an unmanaged deployment of Secure Shell opens a gaping hole in your Identity and Access Management strategy

The Weakest Link in Identity and Access Controls

Why poor Secure Shell key management is a serious access control issue

A Gaping Hole in Your Identity and Access Management Strategy

How an unmanaged deployment of Secure Shell opens a gaping hole in your Identity and Access Management strategy

Encryption: The Good, The Bad & The Ugly

How to Meet Compliance & Mitigate Hidden Threats to Enterprise Security with SSH

SSH Key Discovery: A Guide for Auditors and Compliance Professionals

See how SSH's key discovery tool can facilitate risk, audit & compliance processes and discover access control related security issues in secure shell environments.

Case Study Webinar: SSH Key Remediation in Enterprise Environments

Find out how Universal SSH Key Manager delivered the visibility and management controls that enabled this bank to restore compliance and reduce overall risk.

PCI DSS & SSH Key Management for QSA's Webinar

Learn About the Current and Emerging PCI Compliance Requirements

SSH Key Remediation Webinar

Discover How SSH Communications Security Can Help You Manage Your OpenSSH Environment

Meeting the Revised MAS Technology Risk Management Guidelines

View this 45 minute presentation to hear from Tommi Lampila, VP of APAC at SSH Communications Security, as he goes through the MAS TRM Guidelines and explains how to meet the requirements posed in them.

Insurance Giants Choose SSH Communications Security for IBM Mainframe Security

Discover how two of the world’s largest insurance companies brought their mainframe data-in-transit and administration inline with current security and compliance requirements while retaining their legacy system

Large International Retailer Chooses SSH for Maintaining PCI DSS and SOX Compliance

Leading international retailer relies on SSH Secure and Manage solutions to protect sensitive customer and company data across thousands of locations worldwide.

SSH Communications Security Secures IT Infrastructure and Business Operations for a Major Global Financial Company

A leading financial services company with millions of customers in more than 100 countries replaces an open-source solution with SSH to secure remote system administration and…

Major European Rail Service Provider Chooses SSH to Secure Millions of Card Transactions

A provider of pan-European interrail services moving scores of thousands of customers at a time needed a secure solution for protecting customer data as they purchased tickets…

Leading U.S. Retail Chain Chooses SSH Solutions to Secure Customer and Company Data

A leading U.S. retailer deployed SSH Security Solutions to secure sensitive customer and company data across the enterprise. SSH Solutions allowed the company to reduce risks …

Top International Retailer Standardizes with SSH to Secure Customer Transaction Data

A leading international hardware retailer secures millions of consumer purchases and business data with SSH.

Major Enterprise Security Software Supplier Secures Critical Development Data with SSH

A major global security software enterprise and one of the world's 20 largest software companies (Fortune 1000) with operations in over 30 countries chose SSH to protect criti…

SSH Secures Supply Chain Management for a Leading Pharmaceutical Wholesaler

As part of a system update, Tamro Corporation decided to upgrade security for its file transfer operations. Since a key requirement was also to ensure compliance with public accountability regulations, the company chose SSH Communications Security to…

Government Agency Deploys SSH for Secure File Transfer in Large Multi-Platform Environments

Large federal government agency selects SSH to secure system administration and file transfers to and from IBM mainframe systems that run millions of sensitive internal and co…

The Anatomy of an Insider Attack: Exploiting Encrypted Networks

With recent, high profile breaches in some of the most secure environments in the world (DoD, NSA) the ability of trusted insiders to do extensive damage to an organization's data, capabilities and reputation is now front and center.

Media Company Uses Universal SSH Key Manager to Lower Risk and Gain Operational Efficiency

Find out how this leading news and media organization streamlined provisioning and access controls for application developers and IT staff

Monitoring and Controlling Encrypted Communications

Sami Ahvenniemi, President and CEO, Americas at SSH Communications Security discusses how you can monitor and control your encrypted channels. He provides some solutions for issues regarding privileged user access, accountability, and auditing in enterprise Secure Shell envi…

Security Solutions for IBM Mainframes: Implement, Manage and Monitor Your Encrypted Environment

Automate Secure File Transfers and Close Backdoor Access to The Mainframe with SSH's Data-in-Transit & IAM Solutions for the Mainframe.

Encryption: The Next Advanced Cyber-Weapon

Find out how Secure Shell can be easily weaponized in environments with poor key management.

SSH User Keys and Access Control in PCI-DSS Compliance Environments

Learn how emerging trends in SSH key management is impacting PCI covered environments and the security implications of poor SSH access controls on the enterprise

The Cost of Insecurity: FTP And the Looming Financial Hazard It Is Creating For Your Organization

Once and for all, eliminate unsecured FTP file transfers ensuring that all of your data-in-transit is secured via SFTP and SSH

Technology Risk Management Guidelines by Monetary Authority of Singapore Cost-Effective Controls for Compliance

Learn about cost-effective solutions-based approaches to addressing Monetary Authority of Singapore SSH guidelines

A Gaping Hole in Your Identity and Access Management Strategy: Secure Shell Access Controls

Identity and access management (IAM) is a critical component of an enterprise's security strategy

The Challenge of Identity and Access Management in Secure Shell Environments

A Lack of Identity & Access Management Controls in Your SSH Environment Is Creating A Huge Security and Compliance Issue

Tectia ConnectSecure

ConnectSecure is an advanced Tectia SSH Client that makes automation easy. ConnectSecure is ideal for adding encryption to existing automated file transfer processes and makes it easy for your application developers to use encryption.

An Identity Management Application Note: Missing Identities

The challenge of unmanaged machine identities has grown over time. Data center growth has been explosive. Large server infrastructures can be home to hundreds of thousands or even millions of secure shell user key based identities.

SSH Support Services

An SSH support plan is an easy and efficient way to maximize your investment in SSH software and help reduce your total cost of ownership.

Risk, Compliance and Cost Implications of Unmanaged Secure Shell

This white paper discusses how a lack of central management and control can create various negative impacts within an enterprise environment.

PCI DSS Version 3 Cheat Sheet

This “cheat sheet” provides auditors with quick guidance as to what questions to ask and how to verify that SSH is used safely and securely within the Card Holder Data Environment.

Global Automobile Manufactures Secures Mainframe Communications with Tectia for z/OS

Learn how one of the largest automobile manufacturers in the world eliminated unsecure FTP on the Mainframe

Tectia SSH Server for Linux on IBM System z

Tectia SSH Server for Linux on IBM System z, with its drop-in features such as automatic FTP-SFTP conversion and transparent FTP tunneling, is an ideal Secure Shell (SSH) server solution enabling network security teams to securely transfers data without modifications to scri…

What Every QSA and ISA Should Know About Secure Shell

Find out what questions to ask and how to verify that SSH is being used safely and securely within the Card Holder Data Environment.

Solving Customer Challenges with Tectia ConnectSecure

Sami Marttinen, Chief Solution Engineer at SSH Communications Security discusses how Tectia ConnectSecure makes it easy to add encryption to new and legacy applications.

Insider Attacks in Secure Shell Environments

Jason Thompson, Director of Global Marketing, explains how a malicious insider can take advantage of privileged access and encrypted channels to secretly remove information from your network.

A Mainframe z/OS Demo: How Secure Shell Can Bypass RACF Security Controls

Dave Rivard, SSH's Syztem z Channel and Product Manager, demonstrates how Secure Shell can bypass RACF Security Controls