Universal SSH Key Manager®

The vast majority of large enterprises rely on Secure Shell (SSH) to provide secure authentication and confidentiality (encryption) for many business-critical functions such as automated backups, day-to-day file transfers, and interactive systems administrator access.

Many mission-critical IT functions are enabled through SSH. SSH utilizes SSH keys for identity and access control. There are more SSH keys than there are any other credentials in a typical corporate network. These keys secure and control the access to critical corporate resources. Each SSH key has powers that are very similar to a password, and they must be managed with similar care and attention.

However, most enterprises use manual processes for generating, configuring, and deploying the SSH public and private keys. Over time, this results in an uncontrolled proliferation of authentication keys. Security managers lose visibility and control over who has access to what servers and whether access rights previously granted should be revoked. It is impossible to map the trust relationships between individual users, system accounts, and application IDs with their respective destination servers.

SSH Communications Security

SSH Communications Security (NASDAQ OMX: SSH1V) is a leading provider of enterprise cybersecurity solutions. Our solutions enable, control, and audit trusted access in critical environments.

Our technology secures the infrastructure of our digital lives. We are present in over 90% of all data centers in the world – on-premise and in the cloud. With over 20 years of history and dozens of relevant patents, we understand access and security like no other.

Trusted Access - Visibility and Control

Universal SSH Key Manager discovers, monitors, remediates, and manages SSH keys for interactive and automated connections in on-premise and cloud-based environments.

Reduce Risk - Enable Compliance

Universal SSH Key Manager reduces risk of serious deep-level information security breaches. It brings the corporate trusted access into compliance with regulatory mandates such as Sarbanes-Oxley, PCI-DSS, and HIPAA.

ssh-keys

Universal SSH Key Manager provides enterprises a comprehensive oversight and control over SSH access, cryptographic best practices, and configuration management. SSH key management is an essential part of the identity and access management policy of any enterprise.

Universal SSH Key Manager is non-intrusive — all operations for discovery, continuous monitoring, access lockdown, remediation, and key life cycle management are conducted without disrupting existing workflows and business processes.

SSH Communications Security has gathered extensive experience in enterprise-wide SSH key management deployments. Based on these experiences we have defined best practices to resolve the issues of SSH access control in high-security environments.

Assess, Discover, Monitor, Remediate, Manage

We take a project driven approach to bringing an SSH environment under management control. Our approach is non-intrusive and enables a zero-disturbance deployment to production and corporate processes. We are the original inventors of SSH, and we lead the market in SSH key management - our experience and know-how guarantee successful deployments of access control for your critical infrastructure.

Stages of an SSH Key Management Project

Features

Non-intrusive deployment - Agentless, agent, and hybrid deployment models for easy and quick discovery

Scalable architecture to meet the needs of the challenging on-premise and cloud environments

Comprehensive platform support across Windows, Unix, Linux, and z/OS Mainframes.

Support for multiple variants of SSH including OpenSSH, Tectia SSH, Centrify, Quest, Attachmate, Bitvise

Policy-based controls for ease of visibility, provisioning, de-provisioning, remediation, and full key lifecycle automation

Centralized configuration management for access lockdown and control

REST API for ease of integration into your existing identity access management infrastructure

User portal for application owner identity management enablement and simple 3rd party access provisioning

Benefits

Achieve compliance to regulatory requirements (such as Sarbanes-Oxley, PCI-DSS, HIPAA Security Rule, and others). Assured compliance means painless and smooth audits.

Reduce risk of security breaches. Unmanaged SSH keys expose organizations to deep-level security breaches that are difficult to detect and may have grave consequences.

Reduce cost by centralizing and automating work-intensive and error-prone IT maintenance tasks such as SSH key rotation and lifecycle management.

universal-ssh-key-manager

Further Reading

Read more on SSH key management and regulatory compliance.

Gain visibility into the state of your network with SSH Risk Assessment.

Read the IDC whitepaper on SSH and IAM - The gaping hole in IAM.