SSH Communications Security | Blog

6 Features to Look Out for When Choosing a Business Communication Tool

pelin.tufekci@ssh.com (Pelin Tüfekçi) — Tue, 09 Apr 2024 10:11:06 GMT

Communications between employees, with prospects and customers, or among business partners – they all happen mostly via email, video calls, and instant messaging these days. As a result, almost no business can operate without using some kind of business communication tool or, more likely, a set of tools.

Cybercriminals are well aware of that. With cybercrime globally on the rise, data breaches are among the top cyber threats. Targeting communication tools used by businesses is no exception. For example, commonly used solutions byMicrosoft and Slack have in recent years experienced an increased number of cyberattacks.

Let’s review the key features that you should look out for when choosing a business communication solution to keep your organization safe.

2024, the year of cybersecurity regulations | SSH

zuzana.hutchinson@ssh.com (Zuzana Hutchinson) — Thu, 07 Mar 2024 10:54:35 GMT

The year 2024 will see several cybersecurity regulations and laws coming into effect – some of them are completely new (e.g. DORA), and some of them are new versions of older regulations (e.g. NIS2 or NIST 2.0). All of them placing new demands on private as well as public organizations, which will seriously affect the cybersecurity landscape.

Let’s look at the impact of new and updated cybersecurity regulations in 2024.

SSH's Journey in the CHARM Project: Enhancing OT Cybersecurity | SSH

ilpo.ruohonen@ssh.com (Ilpo Ruohonen) — Tue, 05 Mar 2024 07:55:22 GMT

During the CHARM project, we have developed technology to ensure secure access management, whether it's on-site or remote, for customers operating in the OT environment. Our collaboration with other partners in the CHARM consortium has been crucial, offering valuable insights and helping us better understand market needs.

Miikka Sainio appointed to SSH's Executive Management Team | SSH

Rami Raulas — Mon, 04 Mar 2024 11:27:24 GMT

SSH Communications Security Announcements by CEO

Miikka Sainio has been appointed to the SSH Communications Security (“SSH”) Executive Management Team (LT).

SSH Customer Satisfaction 2024: Strong NPS & Competitiveness | SSH

Esa Tornikoski — Tue, 27 Feb 2024 10:18:42 GMT

A recent customer satisfaction survey reveals exciting news. Our hard work is paying off!

We're proud to share the results.

SSH Communications Security joins the AIQUSEC consortium | SSH

ilpo.ruohonen@ssh.com (Ilpo Ruohonen) — Fri, 23 Feb 2024 08:00:00 GMT

The AI-Based Quantum-Secure Cybersecurity Automation and Orchestration in the Edge Intelligence of Future Networks (AIQUSEC) project is set to revolutionize cybersecurity. Focused on measurable advances, especially in access, edge services, and operational technology (OT), the project aims to reshape the digital security landscape.

How to Bridge Your PAM and Identity Management (IdM) | SSH

zuzana.hutchinson@ssh.com (Zuzana Hutchinson) — Tue, 20 Feb 2024 09:00:00 GMT

Your Privileged Access Management (PAM) and Identity Management (IdM) should work hand in hand to secure your users’ access and identities – regular users and privileged users alike.But traditional solutions struggle to achieve that.

Let’s look at what organizations need to understand about PAM and IdM and how you can bridge and future-proof your PAM and IdM.

Meet Ivan Leontev: From Junior to QA Engineer | SSH

Alina Preda — Wed, 31 Jan 2024 08:03:03 GMT

Meet Ivan Leontev and his incredible journey from a Junior to a seasoned QA Engineer here at SSH. Ivan started his adventure with us a couple of years back in October 2021, joining the dynamic PrivX team.

As time passed, so did Ivan's growth within the company, making his career story truly inspiring.

IEC 62443 & ISO 27001: FAQ with OT security experts | SSH

zuzana.hutchinson@ssh.com (Zuzana Hutchinson) — Fri, 19 Jan 2024 09:00:00 GMT

We have gathered three OT security professionals and asked them about two important regulations, IEC 62443 and ISO 27001 – what they are, what are the connections between them, and how to comply. Read on to find out.

Terrapin Vulnerability in the SSH Protocol - How to Stay Secure | SSH

Juuso Jahnukainen — Tue, 09 Jan 2024 08:07:14 GMT

The Secure Shell (SSH) is a widely-used protocol that provides (remote) secure access to servers, services, and applications - and between them for automated file transfers. These connections are measured in the millions per week.

Cybersecurity Trends to Look Out for in 2024 | SSH

jani.virkkula@ssh.com (Jani Virkkula) — Mon, 08 Jan 2024 08:33:26 GMT

The importance of cybersecurity has been on the rise for a while now. In 2024, cybersecurity will make its way into boardrooms, enter the AI battlefield, or change how businesses juggle their trade secrets and sensitive communications.

Here are our top 8 cybersecurity trends to look out for in 2024:

The Future of Industrial Remote Access: Software-Based OT Solutions

eduardo.giancristofaro@ssh.com (Eduardo Giancristofaro) — Fri, 05 Jan 2024 11:00:07 GMT

For over a decade, the adaptation of remote access and data acquisition technologies in industrial applications has been increasing rapidly, while the number of competitors, as well as their complexity, has grown day by day.

Biometric authentication with PrivX Authorizer | SSH

ilpo.ruohonen@ssh.com (Ilpo Ruohonen) — Tue, 19 Dec 2023 08:36:19 GMT

Biometric authentication is becoming more and more popular in today’s digitalized world, revolutionizing the way we secure our digital identities due to its efficiency, accuracy, and enhanced security features.

Cybersecurity 2023: End-of-the-year overview of trends and hacks | SSH

zuzana.hutchinson@ssh.com (Zuzana Hutchinson) — Wed, 13 Dec 2023 11:03:55 GMT

2023 was the year of cybersecurity – with new trends entering the market and massive hacks and data breaches shaking the industry at its core.

Here’s our overview of the most important trends and hacks of 2023.

Meet Pelin Tüfekçi: An inspiring story at SSH | SSH

Alina Preda — Tue, 05 Dec 2023 07:54:23 GMT

Meet PelinTüfekçi, our Product Manager for the Secure Collaboration product portfolio. Originally from Istanbul, she fell in love with Helsinki first, and shortly afterward she joined our SSH family. Here, Pelin found the complexity of cybersecurity both daunting and thrilling.

4 reasons why passwords are NOT reliable anymore | SSH

Juuso Jahnukainen — Fri, 17 Nov 2023 08:11:00 GMT

This article was originally published 17th of November 2023 and since been updated with new content.

Are passwords as secure as we once thought? In today's ever-evolving digital world, relying solely on passwords to safeguard our information may no longer be enough. From cyberattacks to data breaches, there are three key reasons why passwords are no longer as reliable as they used to be. Stay informed to protect yourself in this increasingly complex online world.

Meet Jani Virkkula: A Journey of Professionalism and Passion | SSH

Alina Preda — Fri, 10 Nov 2023 10:55:55 GMT

Meet Jani Virkkula, our Product Marketing Manager for the EMEA region, whose journey at SSH kicked off with a hint of humor, joining the company on April 1, 2018, often referred to as April Fools' Day.

Before his SSH days, Jani had been working within the telecommunications field, transitioning into marketing from a background steeped in technical documentation.

How should you respond to the theft of your identity: Real-life tips

zuzana.hutchinson@ssh.com (Zuzana Hutchinson) — Tue, 07 Nov 2023 08:30:00 GMT

Identity theft isn’t a new threat within the cyberthreat landscape. But if you’re online (and who isn’t nowadays), it is something you need to be aware of and beware of.

Here are just a few reasons why identity theft should be on your radar right now:

The number of identity theft cases started growing rapidly in early 2020, estimated to reach its all-time high in 2023.
In 2022, the Federal Trade Commission (FTC) registered 1.4 million cases – that's 25% of all FTC reports.
It’s estimated that a third of US citizens faced identity theft at some point in their lives, and the probability of a US citizen facing identity theft is 3x higher than in other countries.

3 Tips on Securing OT in the Age of Digital Transformation | SSH

eduardo.giancristofaro@ssh.com (Eduardo Giancristofaro) — Mon, 30 Oct 2023 07:57:49 GMT

Operational Technology (OT) and manufacturing businesses are prime targets for cybercriminals. Why? Because OT security is lacking behind theIT sector, such asbanking and retail.

For example, ransomware attacks on OT systems are on the rise with twice as many attacks in 2022 than the previous year. And the estimates are that more than half of OT and manufacturing businesses were hit by ransomware in 2023, with more than a third of them losing business and revenue as a result (according to the State of Ransomware 2023 report).

The message from OT security experts is clear: Don’t wait to modernize and renew your systems – adapt and bypass your system limitations now.

Here are three key tips on how you can secure your OT environment for the digital age.

How to secure your business communications using Zero Trust | SSH

Maarit Asikainen — Fri, 06 Oct 2023 08:00:00 GMT

Zero Trust is a common concept in cybersecurity these days. As a theoretical model, Zero Trust redefines how businesses think about and secure their IT environments – leaning away from perimeter security toward perimeter-less. The Zero Trust principle can also be used to secure your business communications.

Let's look at how you can implement Zero Trust for secure business communications in practice.

The impact of the NIS2 directive on OT businesses | SSH

jani.virkkula@ssh.com (Jani Virkkula) — Thu, 21 Sep 2023 07:24:43 GMT

The industrial digitalization that started over 20 years ago accelerated rapidly in recent years, particularly in the field of operational technology (OT). This evolution made critical infrastructure more connected but also more vulnerable to cyber threats.

5 secure data sharing challenges in healthcare | SSH

jani.virkkula@ssh.com (Jani Virkkula) — Thu, 14 Sep 2023 07:05:33 GMT

Sharing medical and health data has many benefits not just for healthcare providers and professionals but also for patients - yet the security when sharing healthcare data is still a challenge.

Let’s look at the five most common challenges that healthcare providers experience when sharing sensitive health data.

5 ways quantum computers will positively impact our future | SSH

jani.virkkula@ssh.com (Jani Virkkula) — Fri, 08 Sep 2023 07:00:00 GMT

In computing, innovative technology is on the horizon, poised to reshape our world as we know it. Quantum computers, powered by the principles of quantum mechanics, hold the promise of revolutionizing industries, solving complex problems, and unlocking new frontiers of knowledge.

Healthcare data security: Why is your health data in danger? | SSH

jani.virkkula@ssh.com (Jani Virkkula) — Wed, 30 Aug 2023 07:00:00 GMT

The progress of digitalization in the healthcare industry undeniably reached a new high in the last few years. With advances in cloud computing, Artificial Intelligence (AI), and new software, healthcare is quickly becoming an industry that heavily relies on modern IT, taking in its advantages as well as risks.

Your data is at risk from quantum computers now. Here’s why. | SSH

jani.virkkula@ssh.com (Jani Virkkula) — Thu, 13 Jul 2023 07:30:00 GMT

Quantum computers exist as we speak. While their full potential will still be years in the making, your business needs to start upping the ante on the encryption game without delay.

Why critical infrastructure needs modern OT cybersecurity? | SSH

ilpo.ruohonen@ssh.com (Ilpo Ruohonen) — Mon, 03 Jul 2023 08:00:00 GMT

Operational Technology (OT) systems become more and more interconnected nowadays. So, it is pivotal to address the associated OT cybersecurity risks to safeguard critical infrastructure and ensure the resilience of industrial operations in the face of evolving technological landscapes.

OT cybersecurity: Ports and terminals at risk of cyberattacks | SSH

Antti Kaunonen — Mon, 26 Jun 2023 08:27:30 GMT

If you would want to take down an entire country, what would you do? Would you use physical weapons or utilize cyber resources? What or who would be your first target?

Modern OT Cybersecurity: Why Does It Matter? | SSH

ilpo.ruohonen@ssh.com (Ilpo Ruohonen) — Tue, 20 Jun 2023 06:45:01 GMT

The gap between potential and current capabilities within the industrial operations segment is rapidly widening due to industrial businesses not modernizing fast enough. This includes industries such as mining, energy, or manufacturing, to name a few. Hence, the integration of modern technology within industrial operations has become a must-have. If industrial automation and manufacturing businesses want to maintain their competitive advantage, company profitability, and increased visibility within the industry, they must modernize, just like any other business.

Zero Trust and Secure Remote Access for OT Cybersecurity | SSH

jani.virkkula@ssh.com (Jani Virkkula) — Fri, 21 Apr 2023 08:20:08 GMT

The Fourth Industrial Revolution, also known as 4IR or Industry 4.0, refers to industries, technologies, and processesthat are under pressure to upgrade their game as the demand for interconnectivity and smart automation increases dramatically. This puts secure remote OT access at the center of OT security.

Open-Source SSH: When Free Is Not Free | SSH

Jussi Rautio — Fri, 14 Apr 2023 07:07:54 GMT

Free software, also known as open-source software, sounds like a good way to cut already high IT costs. As the name suggests, it's free, thus it shouldn't cost anything. But is it really that simple? Let's find out.

How to manage SSH keys without key vaults | SSH

jani.virkkula@ssh.com (Jani Virkkula) — Tue, 04 Apr 2023 08:26:45 GMT

Credentials and secrets management often focus on passwords. But there are also other credentials, like SSH keys, that serve the same purpose as passwords in the sense that they are access credentials just as well and, at the same time, are overlooked.

Credential management needs to evolve beyond password vaulting | SSH

jani.virkkula@ssh.com (Jani Virkkula) — Tue, 04 Apr 2023 06:34:38 GMT

Whether you are a regular Microsoft 365 user or a super admin wielding a lot of IT power, your passwords must be managed. It just makes cybersecurity sense, and it is required by law.

But what is the best way to manage passwords that are especially powerful access credentials in the hands of administrators, developers, and consultants?

Why You Need to Re-Think Cybersecurity in Operational Technology | SSH

Antti Kaunonen — Thu, 30 Mar 2023 06:00:00 GMT

NOTE: This article is written by a guest contributor, Antti Kaunonen. Antti is also advising SSH in automation and operational technology cybersecurity topics as a long-term expert in the industry.

Seven Ways to Stay Compliant in Secure Business Communications

jani.virkkula@ssh.com (Jani Virkkula) — Thu, 23 Feb 2023 11:40:38 GMT

Organizations have a duty to protect and secure sensitive information that they have about their customers, partners, and employees. At the same time, they have legitimate reasons to share that information in-house and within their extended ecosystem using secure business communications.

Entering the New Era of Cybersecurity

kai.lummi@ssh.com (Kai Lummi) — Mon, 30 Jan 2023 15:06:54 GMT

Entering the new era of the cybersecurity landscape, it is more important than ever for businesses and organizations to implement robust defensive cybersecurity measures to protect their critical data and communications. The number of cyber-attacks has risen dramatically in recent years, with criminals receiving state-level support. This puts organizations, including government agencies, critical industries and infrastructure, financial institutions, authorities, health institutions, and individual citizens, at great risk.

SSH in the World of Post-Quantum Cryptography (PQC)

Marieta Uitto — Wed, 18 Jan 2023 10:47:04 GMT

Nowadays, advances in quantum computing are moving at a neck-breaking pace. Giants in the field have been faithfully executing roadmaps and delivering on milestones laid out several years ago. And while it is hard to predict when the advances will reach their breaking point, the threat to classical, public key cryptography is getting closer.

In this article, we discuss the practical threats to SSH encryption posed by viable quantum computers, prioritization, and pointers on embarking on a crypto-agility journey.

When Should You Start Implementing a Quantum-Safe Solution?

Jussi Rautio — Tue, 03 Jan 2023 10:15:23 GMT

The quantum threat is looming, but we are not exactly sure when it will hit, how serious it will be, or how exactly we should be preparing for it. There is still ongoing development of Quantum-Safe Cryptography, so wouldn't it be better to wait until Post-Quantum Cryptography (PQC) algorithms are more developed? Let's find out.

Know Your Vulnerabilities: Key Exchange in Danger

Jussi Rautio — Wed, 28 Dec 2022 07:26:54 GMT

The quantum threat is around the corner. You already know that Post-Quantum Cryptography (PQC) is a cost-effective and practical solution. However, modern data communication cryptosystems used in network protocols like SSH and TLS are complicated and typically consist of multiple encryption algorithms working together. Which parts are the most vulnerable and which ones need to be fixed first? Let's find out.

How Urgent Is It to Get Protected against the Quantum Threat?

Jussi Rautio — Mon, 05 Dec 2022 07:30:22 GMT

There’s a lot of talk these days about the quantum threat and how it will annihilate current encryption algorithms. What is often overlooked is the timeline, or when we can expect quantum computers to start having an impact. Let’s find out.

You Don't Need New Fiber Cables to Be Quantum-Safe

Jussi Rautio — Mon, 28 Nov 2022 07:50:23 GMT

You might already know a lot about the quantum threat, or you might just have heard of it. You might know that there are remedies that would make you quantum-safe. However, you might not know that there is a wide variety of alternatives. Which one is the right one for your organization? Let’s find out.

Why Quantum-Safe Privileged Access Management Matters

jani.virkkula@ssh.com (Jani Virkkula) — Mon, 21 Nov 2022 08:29:13 GMT

Quantum computers already exist and their efficiency is increasing. While they promise great advances for the medical, biotech, and materials industries to name a few, sooner or later, they will also put classical cryptography in danger. Without going into details, the tried-and-true method of adding more bits to the encryption algorithms to make them more secure won’t protect classical encryption from attacks powered by sufficiently efficient quantum computers.

How to Make Mainframes Quantum-Safe and Secure?

Jussi Rautio — Fri, 18 Nov 2022 10:45:27 GMT

Mainframe admins know very well that all data communications should be well-secured. You have likely already converted your unsecure FTP traffic into SFTP with SSH Tectia Server for IBM z/OS, or maybe you are considering your options at this point. But now there’s talk about the quantum threat - that quantum computers are going to compromise all current data communications in a few years' time. You start to wonder: how will this impact me and my system? Let’s find out.

Hello, Quantum-Safe World!

Suvi Lampila — Thu, 13 Oct 2022 07:30:06 GMT

Quantum computers are no longer science fiction. Their computation power is increasing by leaps and bounds both in terms of the number of usable qubits and optimization in error correction. The recent advances and heavy investment only accelerate the progress.

Leila Arstila: My journey to the European Cyber Security Challenge

Guest: Leila Arstila — Mon, 10 Oct 2022 09:53:36 GMT

About Leila

Before I tell you about the journey, let me introduce myself a bit better. My name is Leila “leila” Arstila (I will get back to this rather original nickname later) and I’m a 24-year-old computer science student at Aalto University.

Are You Using Unauthorized and Non-compliant Channels for Sensitive Information Sharing?

Maarit Asikainen — Mon, 10 Oct 2022 07:14:42 GMT

Are your sensitive communications encrypted, restricted, trackable, and compliant? That's the question circulating in the finance sector, as massive fines are hitting financial businesses due to personnel discussing deals and trades on their personal, unauthorized devices and communication apps – and then deleting the messages afterward.

What Do Privileged Access Management, Bikes & E-bikes Have in Common?

Teemu Tunkelo — Thu, 29 Sep 2022 09:55:29 GMT

Sometimes you need to experience something firsthand to understand the real difference. I had one of those experiences in the Alps just recently.

What Does Passwordless, Keyless, and Defensive Cybersecurity Mean?

Teemu Tunkelo — Mon, 05 Sep 2022 08:00:00 GMT

Imagine a world where you don't need keys to your car or home. Your car lets you in every time you approach it, and the door to your home swings open when you touch the door handle.

SSH Overall Leader in KuppingerCole’s Dynamic Access Management Report

jani.virkkula@ssh.com (Jani Virkkula) — Thu, 25 Aug 2022 08:57:37 GMT

KuppingerCole Analysts just published their Dynamic Resource Entitlement & Access Management (DREAM) classification for access management and entitlement platforms that can best operate in dynamic computing environments.

This report is first of its kind for the market research company, and it puts special emphasis on platforms that “must operate at the speed of the cloud and grant access based on tasks, toolchains, and workloads rather than roles – or only permission access to static resources such as servers or vaults”, as is stated in the report.

We at SSH are happy to announce that we are ranked as an 'Overall leader in this document. We were leaders in the following categories:

Market Leaders
Market Champions
Product Leaders
Innovation Leaders

Download the report here for free, courtesy of SSH!

What Is Dream?
Vaulting, Standing Privileges, and Cloud Workloads Are Not the Optimal Combination
Just-in-Time Zero Trust with Zero Touch Is Gaining Recognition
Passwordless is great - but what about encryption keys?
JIT Zero Trust Access Management for Keys and Passwords

The biggest cyber threat to your organization: Your CISO’s burnout

jani.virkkula@ssh.com (Jani Virkkula) — Wed, 17 Aug 2022 08:00:00 GMT

Cybersecurity experts’ jobs are extremely demanding – they must be on high alert for many hours every day and often around the clock. So, it’s important that their working environment is as stress-free and supportive as possible so that they can do their job properly and have their heads screwed on right in high-pressure situations.

However, the latest reports show that this is far from reality.

CISOs work extreme hours and experience burnout
Lacking remote work security and overload of (manual) tasks
Is your CISO ready to quit?
Automation for the rescue

Defensive Cybersecurity and Why It Matters in 2022

Teemu Tunkelo — Mon, 08 Aug 2022 08:00:00 GMT

In recent years, cybersecurity has increasingly emerged alongside traditional risks. For example, buildings, factories, harbors, ships, electricity producers, and distribution and infrastructure networks are increasingly equipped with different types of automation systems and remote-control technologies, making them a potential target for various kinds of cyberattacks.