SCREENSHOT_UKM_home
Universal SSH Key Manager®

Why do enterprises keep selecting UKM?

We designed UKM together with the biggest and most successful financial and industrial companies in the world. We work together with our UKM customers to get fast results with zero disruption. We invented the SSH protocol and we have the world's best SSH expertise.

UKM technologiesCase studies

SSH.COM IS TRUSTED BY MORE THAN 3000 LEADING COMPANIES WORLDWIDE

What types of organizations deploy UKM? 

Organizations at risk from large numbers of undiscovered or unmanaged SSH Keys include:

  • Large organizations with valuable IP, trade secrets or critical services on own or third party server estates.
  • Companies with large numbers of interactive and machine-to-machine server connections for e.g.  data processing, industrial processes, financial transactions, software development, etc.
  • Highly regulated industries e.g. finance, healthcare, energy and utilities, transport and logistics, utilities, media and telcos, federal/state.
  • All organizations at risk of IT security audit failure.
  • Enterprises and government agencies that have had significant IT operations for longer than 10 years.

How do we help UKM customers solve SSH security problems?

Retail

Prevent PAM bypass

IT management at a big box retailer found admins were bypassing their Privileged Access Management (PAM) with ad hoc SSH key generation.

SSH Risk Assessment discoveries:

  • Unprotected master private keys on all servers
  • Unauthorized connections from non-prod to prod
  • Small user group with massive untracked key inventory
  • Non-policy compliant, IT audit failure point

Read more about 5 ways to bypass PAM here>>>

The UKM solution:

  • 1m keys taken under management
  • 0.5m unauthorized keys over 5 years old immediately remediated
  • Automation and regular reports on entire key inventory
  • PAM bypass mitigated, policy compliant
Shield

Remedy a failed IT audit

A large investment firm failed an internal audit over lack of control over internal access to sensitive assets.

SSH Risk Assessment discoveries:

  • Users had direct access to production environment outside of the company’s PAM system
  • Attempts to use the company’s PAM to rotate passwords and enforce ticketed access to production had failed
  • Unauthorized users had access to the servers that should have been the most secure

The UKM solution:

  • Secure server group alerts for unauthorized user accounts
  • Leveraged UKM API for custom IAM automations
  • Internal access to sensitive assets audit problem solved
Secure-file-transfer

Replace a struggling in-house SSH solution

One of the world’s largest technology companies developed their own solution for SSH key creation but it was not able to monitor the estate or manage keys.

SSH Risk Assessment discoveries:

  • Multiple shared keys in use with access to over 30,000 servers
  • SSH keys over 20 years old running critical business processes
  • In-house solution unable to scan, monitor or remediate keys

The UKM solution:

  • Full visibility too the entire SSH key environment in one console
  • Leverage UKM APIs for automated key deployment
  • 100% legacy keys remediated and brought up to modern quantum-resistant encryption standards without breaking critical processes
Hourglass

State-mandated SSH Key control

A regional financial authority mandated comprehensive SSH key management for a major international bank when it failed an audit.

SSH Risk Assessment discoveries:

  • System administrators had direct access to root accounts across the server estate
  • Direct connections to production servers from development with no device restrictions
  • No control or visibility into over 10m annual SSH connections

The UKM solution:

  • 95% of SSH keys discovered were unused and deleted
  • 100% of keys made policy compliant with assigned owners
  • UKM integrated with Ansible to deploy keys required at build time
Priviledged-access-management

Gain compliance for billions of connections

A major financial institution’s test lab found no processes for SSH key management and needed to meet compliance standards

SSH Risk Assessment discoveries:

  • 200,000 non-policy compliant SSH keys
  • 500 root access keys over 10 years old
  • Over 90% of private keys not protected with passphrases
  • One account had over 500 copies of the same private key across multiple servers

The UKM solution:

  • All non-policy compliant keys flagged and remediated, with alerts for policy violating new keys
  • Over 1.5bn key-based logins managed in 3 years since deployment
  • Successful compliance audit
SSH-Academy

Find out more about enterprise UKM customers in our case studies

Case studies

The universal lifecycle solution

Our approach is unique, combining patented technology for non-intrusive SSH key discovery and reporting, with universal lifecycle automation for all open source SSH keys, Centrify, Attachmate, Bitwise etc.

One of the first things SSH did was to demonstrate the scope of the problem. Their SSH key discovery tool showed us that the problem was even more widespread and serious than our auditors were saying.

Financial services IT manager

SSH’s technical deployment team found we had over 1.5 million SSH user keys distributed across our entire infrastructure, including over 150,000 user keys granting root access, with no records as to who was in possession of the corresponding private keys.

Global bank IT manager

Read in-depth about UKM customer cases

New_A_global_financial_institution_regaining_control_of_trusted_access
UKM Case Study

Finance compliance audit success

Learn how SSH.COM helped one of the world’s largest banks solve compliance issues stemming from lack of governance over the SSH Keys used to access critical business systems.

 

Read more

New_Case_study_top_15_global_bank_restores compliance and reduces risk with universal SSH key manager
UKM Case Study

Prevent PAM bypass and regain control

A famous bank's internal security audit showed their development team had found a way to self-provision SSH access across production systems, by-passing access control systems in place.

 

Read more

 

New_Case_Study_Robust_Time
UKM Case Study

Securing a Financial IT  Key Environment

This global big data analysis firm deployed UKM  to fully integrate with their AWS-hosted service to meet customer demands for secure access controls to data hosted in the cloud.

 

Read more

 

Get full UKM technical specifications

 Our unique technologies enable the analysis of vast SSH key estates, remediation tools and the automation of policy compliance.

UKM technologies