Unmanaged, orphaned SSH keys remain a serious enterprise risks

There are many ways attackers can try to infiltrate an enterprise, but many times enterprises make it so easy that the attackers don’t have to try too hard. Consider the current state of orphan SSH (Secure Shell) keys and how these keys represent one of the biggest risks in the enterprise.

These keys are a cryptographic network protocol for operating network services and are used for system to system automation and authentication, application integration, system management and other common functions. Should an attacker get ahold of these keys, they could find it very easy to burrow their way deeper into the network.

To better understand the state of SSH security, or insecurity, in the enterprise, we turned to the inventor of SSH, Tatu Ylonen chief executive officer at SSH Communications Security, and author of US National Institute of Standards and Technology Internal Report 7966, Security of Interactive and Automated Access Management Using Secure Shell (SSH), and several Internet Engineering Task Force standards.

To read this article in full or to leave a comment, please click here

from CSO Online Data Protection http://www.csoonline.com/article/3196974/data-protection/unmanaged-orphaned-ssh-keys-remain-a-serious-enterprise-risks.html#tk.rss_dataprotection

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s