NISTIR 7966 Security of Interactive and Automated Access Management Using Secure Shell (SSH)

Reduce Secure Shell risk. Read NIST 7966.

The NISTIR 7966 guideline from the Computer Security Division of NIST is a direct call to action for organizations regardless of industry and is a mandate for the US Federal government.  

Download this document to learn how you can assess your environment and use automated SSH key management solutions to significantly decrease risk associated with SSH keys.

For 20 years, the Computer Security Resource Center (CSRC) has provided access to NIST's cybersecurity- and information security-related projects, publications, news and events.   CSRC supports stakeholders in government, industry and academia—both in the U.S. and internationally.

Download the NIST 7966 white paper

In the NIST white paper you will learn about:

  • The hidden risks of poorly managed SSH identities
  • Why NIST is focusing on the SSH protocol
  • How to adopt best practices for SSH key management
  • Mapping of NIST 7966 to industry best practice controls

"Boards must include SSH key management in their organizations' risk management strategy."

NIST identified key management as a risk factor

The SSH protocol is found on millions of servers and used in approximately 90% of data center environments.

The Computer Security Division of NIST concluded that poor SSH access controls within Information Technology (IT) environments constitute a major operational and security risk. The publication NIST IR 7966 contains vital information on mitigating the risk of SSH key management for government agencies and commercial operations.

The next step: get your SSH environment on the radar with a non-invasive scan. Take decisive action.

Book a free SSH.COM Risk Assessment