Encryption: The Good, The Bad & The Ugly
How to Meet Compliance & Mitigate Hidden Threats to Enterprise Security with SSH
Sloppy management of authentication keys for SSH risks catastrophic IT failure in banks, government and industry. Most organizations have no process for managing, removing, and changing access-granting keys. This violates SOX, FISMA, PCI, and HIPAA, all which require proper control of access to servers and proper termination of access.
Matthew McKenna, COO & Executive Vice President at SSH Communications Security and Bob Tarzy, Analyst & Director at Quocirce Ltd. sit down with InfoSecurity Magazine to discuss SSH user key remediation as a process and outline a basic process and set of tools which can be utilized to identify the existing trust relationships in your environment, bring legacy keys under control, and automate the creation, deployment, rotation and removal of keys.