Your browser does not allow storing cookies. We recommend enabling them.

SSH Communications Security Solutions Deliver PCI DSS Version 3.0 Compliance


Universal SSH Key Manager, CryptoAuditor and SSH Risk Assessor Strengthen Access Control and Encryption Management

HELSINKI, Finland and WALTHAM, Mass. – SSH Communications Security, known the world over as the inventor of the ubiquitous Secure Shell and SFTP protocols, today announced that its Universal SSH Key Manager (UKM), CryptoAuditor and SSH Risk Assessor (SRA) solutions enable organizations to meet requirements mandated by the new version 3.0 of the PCI DSS.

News Facts

  • PCI DSS v3.0 released on November 7, 2013 specifies fifty requirements and controls pertaining to Secure Shell-enabled system access . Organizations using Secure Shell for privileged access and/or machine-to-machine (M2M) processes must ensure that their policies and governance over Secure Shell deployments meet the new mandates.
  • Universal SSH Key Manager is the only solution that delivers full key lifecycle management capabilities ; including discovery, deployment, rotation, removal and continuous monitoring as required by the new v3.0 standards.
  • CryptoAuditor controls and monitors the activities of privileged users and processes with access to cardholder data.
  • SSH Risk Assessor is a free, easy-to-use audit and discovery tool designed to enable QSAs and ISAs to quickly identify PCI-related compliance and security issues.

Supporting Quote

Tatu Ylönen, CEO and founder of SSH Communications Security, said:

“A lack of specific instructions, testing requirements and awareness has historically left most enterprises with significant gaps in their risk and compliance postures. Most compliance regulations only refer in general terms to access control and encrypted network monitoring. SSH Communications Security has been working directly with major compliance bodies to bolster the regulatory framework with protections for the M2M connections that make up nearly 90 percent of the network environment. Our solutions help organizations protect against network threats and keep in compliance with these new standards.”

Supporting Documents

A Secure Shell Guide for PCI DSS Version 3

About SSH Communications Security

Founded in 1995, SSH Communications Security is the company that invented the SSH protocol - the gold standard protocol for data-in-transit security solutions. Today, over 3,000 customers across the globe - including seven of the Fortune 10 - trust our Information Assurance Platform to secure the path to their information assets. We enable and enhance business for thousands of customers in multiple industries in the private and public sectors around the world. A fast-growing company, SSH Communications Security operates in the Americas, Europe, and APAC regions, with headquarters located in Helsinki, Finland. The company shares (SSH1V) are quoted on the NASDAQ OMX Helsinki.




What to read next:

  • Reduce Secure Shell risk. Get to know the NIST 7966.

    The NISTIR 7966 guideline from the Computer Security Division of NIST is a direct call to action for organizations regardless of industry and is a mandate for the US Federal government.
    Download now
  • ISACA Practitioner Guide for SSH

    With contributions from practitioners, specialists and SSH.COM experts, the ISACA “SSH: Practitioner Considerations” guide is vital best practice from the compliance and audit community.
    Download now