Organizations are not managing Secure Shell (SSH) in their IT environments, exposing critical systems and data to cyberattacks, according to new research from Venafi. Justin Jett, Director of Audit and Compliance at Plixer, commented below.
Justin Jett, Director of Audit and Compliance at Plixer:
“The risk of poorly managed SSH keys is that anyone with one of these keys has access as long as they have a way to connect to the end system. This could be either a server with a public-facing IP or an employee that has the key on the local network. Network traffic analytics plays a big part in this by showing you where there are SSH connections on your network. If you see remote SSH connections to internal servers, you likely have a security vulnerability that needs to be addressed. SSH keys should be managed in the same way that Public Key Infrastructure (PKI) is managed. If an organization doesn’t allow most users to sign TLS certificates, they shouldn’t allow users to use their own authorized keys. Unfortunately, with a large number of systems to manage, it is difficult to understand which keys currently exist and for which systems they are being used. A refresh of the SSH key infrastructure would be needed to properly monitor and manage the keys that are being used on critical company systems.”
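The inventory problem raised in the comment above (which keys exist, and on which systems) can be approached by fingerprinting every `authorized_keys` entry and grouping by fingerprint. The following is an added example, not code from the article, Plixer or Venafi; the host names and key blobs are constructed, and it assumes the `authorized_keys` files have already been collected per host.

```python
import base64, hashlib, re, struct
from collections import defaultdict

# authorized_keys entry: [options] keytype base64-blob [comment]
# Options may contain quoted spaces, so locate the key type instead of splitting.
KEY_RE = re.compile(r"(?:^|\s)((?:ssh|ecdsa|sk)-[\w@.\-]+)\s+([A-Za-z0-9+/]+=*)(?:\s+(.*))?$")

def parse_line(line):
    """Return (options, keytype, fingerprint, comment), or None if not a key entry."""
    line = line.strip()
    m = KEY_RE.search(line)
    if not m or line.startswith("#"):
        return None
    keytype, b64, comment = m.group(1), m.group(2), m.group(3) or ""
    try:
        blob = base64.b64decode(b64, validate=True)
    except ValueError:
        return None
    # The blob starts with a length-prefixed algorithm name that must match the text field.
    n = struct.unpack(">I", blob[:4])[0] if len(blob) >= 4 else 0
    if blob[4:4 + n].decode("ascii", "replace") != keytype:
        return None
    # Same SHA256 fingerprint format that `ssh-keygen -lf` prints.
    fp = "SHA256:" + base64.b64encode(hashlib.sha256(blob).digest()).decode().rstrip("=")
    return line[:m.start(1)].strip(), keytype, fp, comment

def inventory(files):
    """files: {host: authorized_keys text} -> {fingerprint: {"hosts", "unrestricted"}}."""
    inv = defaultdict(lambda: {"hosts": set(), "unrestricted": set()})
    for host, text in files.items():
        for parsed in filter(None, map(parse_line, text.splitlines())):
            options, _, fp, _ = parsed
            inv[fp]["hosts"].add(host)
            if not options:  # no from=/command= restriction on this entry
                inv[fp]["unrestricted"].add(host)
    return dict(inv)

def constructed_key(seed):
    """Constructed blob with valid framing; not a real key."""
    name = b"ssh-ed25519"
    blob = struct.pack(">I", len(name)) + name + struct.pack(">I", 32) + bytes([seed]) * 32
    return "ssh-ed25519 " + base64.b64encode(blob).decode()

SHARED, BACKUP = constructed_key(1), constructed_key(2)
SAMPLE = {  # constructed hosts and file contents
    "web01": f"# deploy key\n{SHARED} alice@laptop\n",
    "db01": f'{SHARED} alice@laptop\nfrom="10.0.0.5",command="/usr/bin/backup --now" '
            f"{BACKUP} backup@ops\nnot a key line\n",
}

if __name__ == "__main__":
    for fp, info in inventory(SAMPLE).items():
        print(fp, sorted(info["hosts"]), "unrestricted on:", sorted(info["unrestricted"]))
```

A fingerprint that appears on many hosts with no `from=` or `command=` restriction is the first candidate for rotation or removal.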