Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Analytics

4/25/2012
01:34 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

SSH Communications Security Unveils SSH User Key Management Solution

Solution is first new extension of its SSH Information Integrity Platform

London, UK – April 24th, 2012: SSH Communications Security, known the world over as the inventors of the SSH protocol, unveiled today at Infosec 2012, London the first new extension of its SSH Information Integrity Platform, SSH User Key Management. The module will serve to provide enterprises the ability to identify, organise and maintain trust relationships of applications, user and service accounts to their respective target SSH and OpenSSH servers through the management of public and private keys.

In a separate announcement, SSH Communications has appointed HANDD, the International Security and Compliance specialist, as its distribution partner in Europe, Middle East and Asia. HANDD will operate an SSH centre of excellence that provides 24/7 global support to over 50 enterprise customers, including four of the UK’s largest banks.

“Enterprises most critical data and applications are often transported and housed on SSH and OpenSSH servers. Those enterprises using public key authentication to manage access to those servers are faced with a significant challenge today in terms of knowing who and what may access those servers. This is not only a major security and compliance risk, however it is also a cost issue, whereas many organisations manage this function manually with little or no oversight,” states Tatu Ylönen, CEO of SSH Communications Security.

The Universal SSH Key Manager will function as an extension of SSH’s ability to control and manage another facet of the SSH infrastructure already prevalent in today’s enterprises. SSH already has the ability to centrally manage configurations, deployments, policies and host keys for its own commercial Tectia SSH variant as well as OpenSSH.

“We are excited to work closely with our key customer pilots to ensure that we address the primary problems they face today in managing their SSH environment. We have approached solving this problem from the perspective that any solution we provide must improve process, decrease operational costs, mitigate the current risks they face in managing their SSH user keys and finally ensure that they are compliant under PCI-DSS, SOX and HIPAA standards,” summarised Matthew McKenna, Head of Sales and Marketing.

On the SSH Communications and HANDD partnership, Anthony Hodges, CEO HANDD commented: “Today SSH is one of the most widely used security protocols in the world with over 3000 global organisations using the data-in-transit solution for moving information. While organisations have enjoyed a robust security solution preventing both internal and external data losses, managing the SSH key overhead has become a colossal task.”

Continued Hodges: “Enterprises are facing huge manpower and cost implications as auditors demand regular host SSH key rotation as part of their security policy and a FTSE company is estimated to typically spends over $2 million a year managing this overhead. The arrival of SSH in the market will provide enterprises with a solution to manage the SSH overhead and significantly mitigate security risks.”

For further information visit: http://www.handd.co.uk/solutions/ssh-key-management

- end –

SSH Communications Security

Founded in 1995, SSH Communications is the company that invented the SSH protocol - the gold standard protocol for data-in-transit security solutions. Today, over 3,000 customers across the globe, including 7 of the Fortune 10, trust our Information Integrity Platform to secure the path to their information assets. We enable and enhance business for thousands of customers in multiple industries in the private and public sectors around the world. We operate in the Americas, Europe, and APAC regions, with headquarters located in Helsinki, Finland. The company holds 15 patents and its shares are quoted on the NASDAQ OMX Helsinki.

For more information on SSH Communications Security please visit www.ssh.com

HANDD Business Solutions

HANDD are Independent Experts in the Provision of Data Centric Security and Compliance Solutions for some of the largest public and private sector companies across Europe, Middle East and Asia.

In partnership, with the world’s leading MFT software vendors HANDD offers its customers optimum visibility and control of their data exchanges and the best solution to meet business requirements. HANDD has a team of Data Security experts that provide design and installation project management, training, professional services and 24/7 technical support.

For more information on HANDD please visit http://www.handd.co.uk/

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
How to Better Secure Your Microsoft 365 Environment
Kelly Sheridan, Staff Editor, Dark Reading,  1/25/2021
Attackers Leave Stolen Credentials Searchable on Google
Kelly Sheridan, Staff Editor, Dark Reading,  1/21/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-4682
PUBLISHED: 2021-01-28
IBM MQ 7.5, 8.0, 9.0, 9.1, 9.2 LTS, and 9.2 CD could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization of trusted data. An attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 186509.
CVE-2020-4888
PUBLISHED: 2021-01-28
IBM QRadar SIEM 7.4.0 to 7.4.2 Patch 1 and 7.3.0 to 7.3.3 Patch 7 could allow a remote attacker to execute arbitrary commands on the system, caused by insecure deserialization of user-supplied content by the Java deserialization function. By sending a malicious serialized Java object, an attacker co...
CVE-2020-13569
PUBLISHED: 2021-01-28
A cross-site request forgery vulnerability exists in the GACL functionality of OpenEMR 5.0.2 and development version 6.0.0 (commit babec93f600ff1394f91ccd512bcad85832eb6ce). A specially crafted HTTP request can lead to the execution of arbitrary requests in the context of the victim. An attacker can...
CVE-2021-20620
PUBLISHED: 2021-01-28
Cross-site scripting vulnerability in Aterm WF800HP firmware Ver1.0.9 and earlier allows remote attackers to inject an arbitrary script via unspecified vectors.
CVE-2021-20621
PUBLISHED: 2021-01-28
Cross-site request forgery (CSRF) vulnerability in Aterm WG2600HP firmware Ver1.0.2 and earlier, and Aterm WG2600HP2 firmware Ver1.0.2 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.