Your browser does not allow storing cookies. We recommend enabling them.

SSH Communications Security Launches Secure Shell HealthCheck


Offering Remediates Secure Shell-Based Governance, Risk and Compliance Issues Impacting Data Centers

WALTHAM , Mass., and NUREMBERG, Germany, Oct. 7, 2014 – A wave of new regulations is making Secure Shell key management a top priority for major financial institutions, enterprises and government agencies, and fines for failed audits can be significant. Today, SSH Communications Security unveiled Secure Shell HealthCheck™ (, its new governance, risk and compliance (GRC) service for the data center, at this year’s IT-SA Conference in Nuremberg.

This new service offering discovers major risk and compliance violations related to management, configuration and access controls over Secure Shell in data center environments, leading to reduced risk of failed audits and cybersecurity breaches from hackers or malicious insiders.

The service enables compliance with regulations and industry standards and helps remediate Secure Shell key mismanagement by:

  • Providing a full analysis of the Secure Shell environment including trust maps, SSH key locations, separation of duties plus ten other significant risk areas
  • Delivering deep dive analysis and recommended actions
  • Enabling high-level visualization and risk management report for CISOs
  • Providing compliance analysis across multiple mandates, including PCI-DSS, BASEL III and NIST


Christian Kress, general manager, DACH, SSH Communications Security, said:

“Too few companies are fully aware of the risks associated with lax Secure Shell key management. Secure Shell HealthCheck provides organizations with a complete view into their Secure Shell environments and a detailed assessment of security and compliance risks impacting their data centers. When production servers are accessible with unknown keys and where access to those servers violates policy – a common scenario we encounter – the risks to the business are evident.”

Kalle Jääskeläinen, vice president, product management and services, SSH Communications Security, said:

“At many enterprises there is a lack of awareness of the role Secure Shell plays in critical day-to-day operations. Secure Shell key-based authentications can easily outnumber many other logins within the data center. While companies have implemented access controls and management procedures for employee login and external facing web applications, even basic security controls like key size, strength and type, rotation and de-provisioning are not part of the IT regimen for data center access controls. Our Secure Shell HealthCheck service provides the actionable information needed to improve security and access controls.”

About SSH Communications Security

SSH Communications Security is the market leader in developing advanced security solutions that enable, monitor and manage encrypted networks. Over 3,000 customers across the globe trust the company’s encryption, access control and encrypted channel monitoring solutions to meet complex compliance requirements, improve their security posture and save on operational costs. SSH Communications Security is headquartered in Helsinki and has offices in the Americas, Europe and Asia. The company’s shares (SSH1V) are quoted on the NASDAQ OMX Helsinki.

For more information on SSH Communications Security, please visit




What to read next:

  • Reduce Secure Shell risk. Get to know the NIST 7966.

    The NISTIR 7966 guideline from the Computer Security Division of NIST is a direct call to action for organizations regardless of industry and is a mandate for the US Federal government.
    Download now
  • ISACA Practitioner Guide for SSH

    With contributions from practitioners, specialists and SSH.COM experts, the ISACA “SSH: Practitioner Considerations” guide is vital best practice from the compliance and audit community.
    Download now