Secure Shell authentication management has suffered from poor governance for years.
A recent study conducted by IDC found that the responsibility for provisioning and de-provisioning SSH keys rests with multiple stakeholders.
Welcome to "IDC TECHNOLOGY SPOTLIGHT:
SSH Governance Is Needed to Reduce Risk and
Bridge the Trusted Access Gap."
This IDC white paper examines:
Criminals can take advantage of a lack of governance to use valid SSH keys in order to bypass security controls and quickly move laterally in the corporate network to sensitive resources.
It is essential that organizations gain visibility into and control over SSH key management. Data breaches stemming from stolen account credentials and hijacked accounts continues to rise.
Download the IDC white paper and learn more eliminating your risk from unmanaged SSH Keys >
SSH keys are ubiquitous. Administrators use them to securely manage critical systems remotely and to automate data exchange between applications.
The irony is that poorly implemented policies and monitoring and enforcement mechanisms have resulted in a false sense of security.
Today, organizations are swamped with thousands of unmanaged SSH keys, some of which have long been abandoned or never revoked.
Auditors are increasingly requesting documentation to prove that SSH key management is being monitored. Many large organizations are unable to demonstrate to auditors that they can find and track all the keys in their environment that grant systems access. In any regulated industry, this is unacceptable.