White Papers

Showing Resources: 117 of 17

resource thumbnail

Attention CISOs: Secure Shell Key Management is Vital to Your Identity and Access Management Strategy

An SSH Key Management Strategy is a critical part of your Identity and Access Management program. Learn what recent research from Gartner and SSH Communications Security has revealed in this area of critical importance to CISOs.

Download Now
resource thumbnail

What Financial Institutions Need to Know About Secure Shell

Banks, insurance companies, brokerages, credit unions, etc. all use Secure Shell for business processes critical to day-to-day operations and for bringing new services online. However, Secure Shell is often viewed as “part of the plumbing” and typically does not get much attention from Compliance, Audit or Security. This mindset is rapidly changing. Poor controls over Secure Shell environments have contributed to costly data breaches and compliance violations. This white paper provides basic information on security and compliance issues as well as best practices for management and controls over Secure Shell environments within the financial services industry.

Download Now Download A4 version
resource thumbnail

Achieving Effective Compliance: Hong Kong Monetary Authority’s General Principles for Technology Risk Management

General Principles for Technology Risk Management [TM-G-1] (version V.1 ­ 24.06.03), published by Hong Kong Monetary Authority (HKMA), gives financial institutions instructions in managing technology-related risks. While the guidelines provide high-level and technology-agnostic scope and direction, several sections have impact on the way access controls, privileged users and SSH keys are managed. This poses a challenge for upper management and auditors; and thus they often overlook the critical gaps in the enforcement of access controls and compliance mandate. The white paper highlights the guidelines and considerations, and offers proposed solution approaches to each.

Download Now
resource thumbnail

What CISOs Need to Know About The New NIST Guidelines for Secure Shell

August 20, 2014 marked the arrival of the NIST Interagency Report 7966 (NISTIR 7966). The report provides guidelines for the security of automated access management using Secure Shell (SSH). These new developments within NIST have great significance for CISOs and other executives responsible for IT security. This white paper explains why NIST has taken these steps and what it means for IT security management not only within federal government agencies but also within the commercial sector.

Download Now Download in Japanese
resource thumbnail

The Rise Of IT Automation And The New Security Imperatives - Forrester Report

Growth in M2M Processes Requires a Fresh Approach to Security

Download Now
resource thumbnail

A Gaping Hole in Your Identity and Access Management Strategy: Secure Shell Access Controls

Identity and access management (IAM) is a critical component of an enterprise's security strategy

Download Now
resource thumbnail

The Challenge of Identity and Access Management in Secure Shell Environments

A Lack of Identity & Access Management Controls in Your SSH Environment Is Creating A Huge Security and Compliance Issue

Download Now
resource thumbnail

Risk, Compliance and Cost Implications of Unmanaged Secure Shell

This white paper discusses how a lack of central management and control can create various negative impacts within an enterprise environment.

Download Now
resource thumbnail

PCI DSS Version 3 Cheat Sheet

This “cheat sheet” provides auditors with quick guidance as to what questions to ask and how to verify that SSH is used safely and securely within the Card Holder Data Environment.

Download Now
resource thumbnail

A Secure Shell Guide for PCI DSS Version 3

This white paper takes a closer look at how use of Secure Shell in cardholder data environments (CDE) relates to the specific intent, guidance and requirements of PCI DSS Version 3. The paper gives detailed guidance on what Quality Security Assessors and Internal Security Assessors should look for when conducting PCI DSS audits.

Download Now
resource thumbnail

Preventing Data Loss Through Privileged Access Channels

Inline, On-The-Fly and Invisible Encrypted Channel Monitoring

Download Now
resource thumbnail

Security Solutions for IBM Mainframes: Implement, Manage and Monitor Your Encrypted Environment

Automate Secure File Transfers and Close Backdoor Access to The Mainframe with SSH's Data-in-Transit & IAM Solutions for the Mainframe.

Download Now
resource thumbnail

SSH User Keys and Access Control in PCI-DSS Compliance Environments

Learn how emerging trends in SSH key management is impacting PCI covered environments and the security implications of poor SSH access controls on the enterprise

Download Now
resource thumbnail

The Cost of Insecurity: FTP And the Looming Financial Hazard It Is Creating For Your Organization

Once and for all, eliminate unsecured FTP file transfers ensuring that all of your data-in-transit is secured via SFTP and SSH

Download Now
resource thumbnail

Technology Risk Management Guidelines by Monetary Authority of Singapore Cost-Effective Controls for Compliance

Learn about cost-effective solutions-based approaches to addressing Monetary Authority of Singapore SSH guidelines

Download Now
resource thumbnail

What CISOs Need to Know About The New NIST Guidelines for Secure Shell [Japanese Version]

2014年8月20日に、NIST Interagency Report 7966 (NISTIR 7966) が発表されました。この報告書は、Secure Shell (SSH) を使用した自動化されたアクセスの管理のためのセキュリティ・ガイドラインを提供するものです。NIST のこれらの新しい展開は、IT セキュリティの責任者である CISO やその他の経営陣に対して大きな意義があります。本ホワイトペーパーでは、なぜ NIST がこれらのステップを取ったのか、またそれが連邦政府機関内だけでなく、その他企業の IT セキュリティ管理において何を意味するかを説明します。

Download Now