Just-in-time security tokens


What are Just-In-Time Security Tokens?

Just-In-Time (JIT) security tokens are any technology that grants user temporary, on-demand privileged access to IT resources. They are a technical solution to the concept of Just-in-Time access provisioning, which is a form of identity access management that is meant to limit the amount of time that users have access to sensitive resources, while also eliminating the cybersecurity risk of lost or stolen access credentials.

Why Use Just-In-Time Security Tokens?

Just-in-Time access follows the principle of least privileged access, which is one of the core philosophies of the Zero Trust framework. By using limited access security tokens to grant temporary, on-demand access to critical IT resources, admins are able to shorten the window of potential attack, and eliminate the potential that misplaced or stolen access credentials can be used by bad actors to compromise corporate IT systems.

Just in Time Security Token Example

Ephemeral certificates are a type of limited access security token that is automatically created on-demand, auto-expires, and requires no installation, configuration or updating.

JIT solutions

SSH.COM has developed a comprehensive set of JIT Zero Trust solutions to mitigate the risk of managing digital keys, privileged passwords and other secrets (like API tokens or certificates) by greatly reducing their numbers in IT infrastructures. Learn more about the SSH.COM's Zero Trust and Just-in-time (JIT) solutions here.

Download here