Most enterprises use Secure Shell to run and maintain critical business processes yet few have ever examined their deployment of Secure Shell for data breach risk and compliance violations.
Interested in Secure Shell HealthCheck?
Contact us to learn more about HealthCheck & its custom Secure Shell auditing features.
Here are some facts:
It is common that developers have SSH access to production servers.
In data centers over 7 years old, 80% of SSH Keys are no longer needed but still can be used.
Up to 40% of servers allow SSH access from undocumented sources.
A typical 1000 server environment has over 15,000 SSH key based, server to server trust relationships. These are rarely documented.
Hackers are well aware of the power a stolen Secure Shell key provides. Know your exposures. Secure Shell HealthCheck is a risk and compliance assessment service that gives you quick results and actionable information.
Few enterprises have the in house skills or time to properly audit Secure Shell. Ask your staff: Do we know how many Secure Shell keys we have deployed? Who has access to them? When were they last rotated? What are the server to server trust relationships? We are experts in Secure Shell. Our HealthCheck service gives answers to issues affecting the integrity of your data center.
The HealthCheck service leverages our custom developed scanning and reporting software to deliver information and data no other vendor or home grown scripting provides. It simply does not pay to waste time and effort trying to go it alone.
In matters of IT security, ignorance is not bliss – it’s a problem. Our consultants deliver to you a comprehensive report on the Secure Shell related risk and compliance status specific to your environment. The information speaks to multiple stakeholders:
- For the CISO: Bottom line results and conclusions. What to address now, what can wait, what is OK.
- For the Manager: Details on what we found and what it means to the operation. Where the auditors will find you in violation.
- For the Engineer: All the data and reporting you need to verify and back up our conclusions. This is not “black box” reporting. You will see and understand everything we do.