Your browser does not allow storing cookies. We recommend enabling them.

SSH Communications Security Solutions Deliver PCI DSS Version 3.0 Compliance


Universal SSH Key Manager, CryptoAuditor and SSH Risk Assessor Strengthen Access Control and Encryption Management

HELSINKI, Finland and WALTHAM, Mass. – SSH Communications Security, known the world over as the inventor of the ubiquitous Secure Shell and SFTP protocols, today announced that its Universal SSH Key Manager (UKM), CryptoAuditor and SSH Risk Assessor (SRA) solutions enable organizations to meet requirements mandated by the new version 3.0 of the PCI DSS.

News Facts

  • PCI DSS v3.0 released on November 7, 2013 specifies fifty requirements and controls pertaining to Secure Shell-enabled system access . Organizations using Secure Shell for privileged access and/or machine-to-machine (M2M) processes must ensure that their policies and governance over Secure Shell deployments meet the new mandates.
  • Universal SSH Key Manager is the only solution that delivers full key lifecycle management capabilities ; including discovery, deployment, rotation, removal and continuous monitoring as required by the new v3.0 standards.
  • CryptoAuditor controls and monitors the activities of privileged users and processes with access to cardholder data.
  • SSH Risk Assessor is a free, easy-to-use audit and discovery tool designed to enable QSAs and ISAs to quickly identify PCI-related compliance and security issues.

Supporting Quote

Tatu Ylönen, CEO and founder of SSH Communications Security, said:

“A lack of specific instructions, testing requirements and awareness has historically left most enterprises with significant gaps in their risk and compliance postures. Most compliance regulations only refer in general terms to access control and encrypted network monitoring. SSH Communications Security has been working directly with major compliance bodies to bolster the regulatory framework with protections for the M2M connections that make up nearly 90 percent of the network environment. Our solutions help organizations protect against network threats and keep in compliance with these new standards.”

Supporting Documents

A Secure Shell Guide for PCI DSS Version 3

About SSH Communications Security

Founded in 1995, SSH Communications Security is the company that invented the SSH protocol - the gold standard protocol for data-in-transit security solutions. Today, over 3,000 customers across the globe - including seven of the Fortune 10 - trust our Information Assurance Platform to secure the path to their information assets. We enable and enhance business for thousands of customers in multiple industries in the private and public sectors around the world. A fast-growing company, SSH Communications Security operates in the Americas, Europe, and APAC regions, with headquarters located in Helsinki, Finland. The company shares (SSH1V) are quoted on the NASDAQ OMX Helsinki.


Highlights from the SSH.COM blog:

  • Cryptomining with the SSH protocol: what big enterprises need to know about it

    Cryptomining malware is primarily thought of as targeting desktops and laptops and is used to hijack system resources to mine cryptocurrency.
    Read more
  • SLAM the door shut on traditional privileged access management

    Did you know that something as trivial-sounding as granting access for your developers or third parties to a product development environment can throw a gorilla-sized monkey wrench into your operations and productivity?
    Read more
  • We broke the IT security perimeter

    Everyone understands the concept of a security perimeter. You only gain access if you are identified and authorized to do so.
    Read more