Your browser does not allow storing cookies. We recommend enabling them.

Universal SSH Key Manager Enables Financial Institutions to Meet New Compliance Requirements from Monetary Authority of Singapore


Strengthened Compliance Requirements Around Secure Shell Access Controls Becoming Reality for Banks and Other Financial Institutions

HELSINKI, Finland and WALTHAM, Mass. – SSH Communications Security, known the world over as the inventor of the ubiquitous Secure Shell and SFTP protocols, today announced that its Universal SSH Key Manager™ (UKM) solution enables banks and other financial institutions to meet the Technology Risk Management Guidelines of the Monetary Authority of Singapore (MAS), Singapore’s central bank.

Key News Facts:

In June of 2013, MAS made updates requiring that financial institutions:

  • Prevent unauthorized access, misuse or fraudulent modification through proper access controls and continuous monitoring of authentication keys in the environment
  • Put in place effective measures to prevent internal sabotage, malware infestation or other attack vectors that could cause severe harm or disruption, such as transitive trust attacks targeting unmanaged authentication keys that enable attackers to rapidly hop from machine to machine
  • Implement a physical or logical segregation of duties and utilize a “least privilege” approach to access controls , such as ensuring authentication keys used by development are not passed on to production machines to create unauthorized access paths between non-production and production environments

Last year, a top global bank with a significant market presence in Singapore selected UKM along with the SSH Key Remediation Services to begin the process of bringing its Secure Shell environment under control. UKM has enabled the bank to monitor, manage and inventory its keys in line with MAS recommendations as well as other compliance mandates including SOX, PCI DSS and others.

SSH will be holding a webinar related to this topic as follows:

Date & Time: October 16, 2013 (3pm SGT), “Meeting the Revised MAS TRM Guidelines”

Supporting Quote:

Tatu Ylönen, CEO and founder of SSH Communications Security, said:

“Compliance bodies are quickly adopting language specific to Secure Shell systems access control and monitoring. The Monetary Authority of Singapore has been on the leading edge of reform because it recognizes the risks and wants to protect consumers and businesses from the devastating impacts of a widespread data breach. With Universal SSH Key Manager, our customers are staying ahead of the trends and are already in good position to pass upcoming PCI v3 audits relating to Secure Shell access controls as well as other compliance mandates.”

About SSH Communications Security

Founded in 1995, SSH Communications Security is the company that invented the SSH protocol - the gold standard protocol for data-in-transit security solutions. Today, over 3,000 customers across the globe - including seven of the Fortune 10 - trust our Information Assurance Platform to secure the path to their information assets. We enable and enhance business for thousands of customers in multiple industries in the private and public sectors around the world. A fast-growing company, SSH Communications Security operates in the Americas, Europe, and APAC regions, with headquarters located in Helsinki, Finland. The company shares (SSH1V) are quoted on the NASDAQ OMX Helsinki.




What to read next:

  • Reduce Secure Shell risk. Get to know the NIST 7966.

    The NISTIR 7966 guideline from the Computer Security Division of NIST is a direct call to action for organizations regardless of industry and is a mandate for the US Federal government.
    Download now
  • ISACA Practitioner Guide for SSH

    With contributions from practitioners, specialists and SSH.COM experts, the ISACA “SSH: Practitioner Considerations” guide is vital best practice from the compliance and audit community.
    Download now