You Thought Shadow IT Was Bad? Meet Your Company’s Shadow Administrators
- LANGUAGE: English DATE: Thursday, September 01, 2016 TIME: 11:00am CEST
How lax infrastructure management may turn the ubiquitous security tool into a ticking time bomb
Unfortunately, as opposed to traditional certificate-based public key infrastructures, SSH does not require nor define a central authority for key management, and most organizations leave these functions to end users. With time, this has led to uncontrolled proliferation of keys spread across a large number of servers, devices and workstations, which makes it increasingly difficult to keep track of them, control who has access to where and revoke previously granted access rights.
Can you even tell how many SSH keys are currently deployed across your corporate network? Dozens? Hundreds? For a large enterprise the number is likely to be closer to a million or more. And what access those keys enable, where and to whom? Each of those keys can be a potential security risk or compliance violation. And can you be sure that revoking this particular key won’t disrupt a critical business process somewhere?
This KuppingerCole Webinar covers the following topics:
- The range of applications of the SSH protocol in modern IT;
- The fundamental difference between SSH and Enterprise PKI;
- Security risks and compliance challenges related to unmanaged SSH infrastructures;
- Automation as the crucial component of SSH management;
In the first part of this webinar, Alexei Balaganski, Lead Analyst at KuppingerCole, will present an overview of the security and compliance risks of unmanaged SSH keys and demonstrate how severely underestimated this problem is in many organizations.
In the second part, Kalle Jääskeläinen, Vice-president for Enterprise Key Management at SSH Communications Security, will present a solution to this challenge, which combines discovery, monitoring and automated management of SSH infrastructures across multiple platforms.
SSH.COM is one of the most trusted cyber security mavericks. We foster a culture of innovation and purpose-driven engineering to secure access to the digital core.
Since inventing the SSH protocol in 1995, we’ve been safeguarding the digital economy. 3000+ security-aware customers, ranging from “digital-borns” to the world´s largest banks & fortune 500 enterprises, trust our expertise.
Our product promise is built-on the principles of zero-inertia, zero-friction and zero-credential risk.
IGA-Projekte (Identity Governance & Administration) bergen aufgrund ihrer Komplexität diverse Risiken. Diese ergeben sich meistens in der Vernetzung einer komplexen, heterogenen IT-Infrastruktur sowie durch den bereichsübergreifenden Charakter von IGA-Projekten. Wenn man nicht bei jedem Projekt immer wieder von Null anfangen möchte, und auf Erfahrungswerte zurückgreift, können viele Risiken sehr leicht vermieden werden.
Blockchain is still on everyone’s lips and the 2019 can be the year when large enterprises finally embrace the distributed ledger technology. KuppingerCole's inaugural blockchain-themed event will go beyond the hype and will present you real use cases and applications for your enterprise. Blockchain Enterprise Days (#BeDays19) will take place on September 18-19, 2019 in Frankfurt, Germany.