SSH Communications Security Reveals Compliance Predictions for 2016

2016-01-13

Privileged Access Management and Encrypted Channel Monitoring Facing Key Challenges from HIPAA/HITECH, PCI and SOX in 2016

HELSINKI and WALTHAM, Mass., Jan . 13, 2016 – As industry business models change, compliance challenges are being compounded by an evolving threat landscape and by increased scrutiny from federal agencies looking to protect critical data. SSH Communications Security today announced its predictions for the top compliance challenges of 2016. For more information, visit https://ssh.com/.

An increasingly complex network environment and the sophisticated attacks against it demand better security and privacy controls. Key data access trends for 2016 include:

  • Privileged access management (PAM) and third party access are unavoidable – Outsourcing tech support to offsite workers with remote access to production environments and highly sensitive information is increasingly popular. As regulators demand more effective access controls and accountability for monitoring privileged access actions, PAM will be a compliance headache in 2016.

  • HIPAA/HITECH – The federal government is actively enforcing HIPAA/HITECH in 2016. Auditors will be zeroing in on the areas where healthcare providers, health plans, and clearinghouseshave failed audits most often in the past, and will be levying massive fines for noncompliance.As a result, HIPAA/HITECH will be a heavy compliance burden in 2016.

  • Financial Industry and SOX-404 – Relentless ongoing audits and internal controls assessments continue to impact financial organizations, with privileged access controls expected to cause the most audit infractions. Expect mandates calling for all publically traded companies to have an internal audit function in place, and for the scope of internal controls audits to expand exponentially.

  • NISTIR 7966 Security of Interactive and Automated Access Management Using Secure Shell (SSH) – In 2016, U.S. federal government agencies will be required to abide by this guide to manage Secure Shell for access control; as a result, the private sector needs to be prepared for regulatory and standards bodies to follow suit.

Fouad Khalil, director of compliance, SSH Communications Security, said:

“As cybercriminals attack on all fronts, federal auditors are cracking down to help keep customer data safe and reduce the number of breaches. Our predictions show that compliance trends in 2016 will require access control and encryption to become key elements of every organization’s security strategy. Well-defined and integrated security controls will help expedite breach investigations and ensure compliance with reporting requirements well into 2016 and beyond.”

About SSH Communications Security

As the inventor of the SSH protocol, we have a twenty-year history of leading the market in developing advanced security solutions that enable, monitor, and manage encrypted networks. Over 3,000 customers across the globe trust the company’s encryption, access control and encrypted channel monitoring solutions to meet complex compliance requirements, improve their security posture and save on operational costs. SSH Communications Security is headquartered in Helsinki and has offices in the Americas, Europe and Asia. The company’s shares (SSH1V) are quoted on the NASDAQ OMX Helsinki. For more information, visit www.ssh.com