 "CyberArk expands privileged account security solution to include SSH key management")
[caption id=“attachment_104126” align=“alignnone” width=“300”]
Representational image. Reuters[/caption]
CyberArk has introduced Secure Shell (SSH) key management with the release of version nine of the CyberArk Privileged Account security solution. According to the security-focused firm, users can now secure and manage SSH keys as well as other privileged credentials in a single, integrated platform to identify, manage and protect against advanced external attackers and malicious insiders.
Widely used by IT teams to get direct, root access to critical systems, SSH keys are often created without any oversight or management, essentially providing ongoing, uncontrolled privileged access to the target system. Research by Ponemon Institute showed that three out of four enterprises have no security controls in place for SSH keys and that 51 per cent of enterprises have already experienced an SSH key-related compromise. Further, because SSH keys are commonly used in automated application-to-application authentication, keys can be created, distributed and never thought of again, leaving systems riddled with unknown and undocumented vulnerabilities ready to be exploited.
“Cyber attackers know that hundreds of thousands of SSH keys exist in large enterprises and they exploit this situation to gain privileged access to critical systems. In an attempt to simplify trust and connectivity, organisations unwittingly leave giant holes in their defences,” said Roy Adar, vice president of product management, CyberArk.
According to the company key benefits of the new feature include being able to securely manage privileged accounts accessed through passwords or SSH keys from a single platform to protect, detect, monitor and respond to potential threats. Users can also discover how many SSH keys exist, where they are located, how they’re being used and the potential risks they pose. SSH keys can be protected from being stolen by securely storing them in a hardened, central storage location and ’timeless’ keys that create a permanent backdoor into critical systems can be eliminated by automatically rotating all SSH keys at regular intervals.