<iframe src="//www.googletagmanager.com/ns.html?id=GTM-TR8PWW" height="0" width="0" style="display:none;visibility:hidden">

SSH Blog

May 25 2016

The never ending cycle: Cybersecurity, regulatory compliance & audit!

In my recent travels which spanned the globe and included stops in Hong Kong, Singapore and New Orleans, I had the pleasure and opportunity to network with a wide range of technology, security and audit professionals.  In addition to all of the great networking, I was honored to speak at the InfoSec and the ISACA sponsored conferences.

Keep Reading

Apr 28 2016

Third-Party Access Management Fuels SSH Expansion in Southeast Asia


The growing demand for our CryptoAuditor and Universal SSH Key Manager solutions prompted us to expand our footprint in Asia by opening an office in Singapore early this year. The Singapore office is our regional hub for the high-growth Southeast Asian market. 

Keep Reading

Mar 31 2016

OCR Phase II Audit Has Launched - Time To Get Access Under Control

I recently attended the 24th National HIPAA summit in Washington, DC and had the opportunity to mingle and catch up with my compliance peers. I walked away realizing that the HIPAA/HITECH compliance tidal wave is not letting up any time soon.  Listening to healthcare industry leaders and members of the private and government sectors left me to believe that we have a long and tough path to compliance ahead of us.

Keep Reading

Mar 23 2016

Cloud Users and Providers’ Security Needs?

Cloud adoption is gaining momentum in Hong Kong, driven by both the governmental and private sectors. The rapidly growing cloud adoption does however pose some security concerns. How to, for example, address the monitoring of encrypted privileged access in the cloud is a key concern for many.

Keep Reading

Mar 15 2016

How are regulators & governing bodies taking on cybersecurity in 2016

A Little Bit of History (2014 – Today)  You don’t have to go back very far to discover common trends occurring across information security areas in all industries and government agencies as they relate to cybersecurity.   The primary driving factor can be attributed to the never ending spate of breaches which have impacted nearly every type of business regardless of size or sophistication.  This has led to governing agencies or associations to take notice and begin to issue guidance/rules.  Here are just a few which come to mind:

Keep Reading

Mar 02 2016

“Trust is good, but control is better” –  Thoughts concerning third-party privileged access in the cloud

Internet sources cite Vladimir I. Lenin as the origin of the quote in the title. My history knowledge is not deep enough to tell what was the context of the utterance but I am rather certain that the father of the Russian Revolution was not thinking of allowing trusted third-parties access to his ICT infrastructure.

Keep Reading

Jan 04 2016

Shared Account Password and Key Management – Is There an Easier Way?

This blog is a continuation of my earlier blog “Plug and Play or Plug and Pain” on Privileged Access Management (PAM), posted on December 16, 2015. I will dive a bit deeper now into the problem of shared account password and key management and give pointers how SSH’s CryptoAuditor and Universal SSH Key Manager solutions address it.

Shared Account Password Management (SAPM) is a product category of Privileged Access Management (PAM) recognized by many analysts, vendors, and customers.

Keep Reading

Dec 16 2015

Plug and Play or Plug and Pain? How to Manage Privileged Access Effectively without Pain?

So you have a problem with privileged access? Whether it is your own employees accessing critical production systems on a daily basis, or third-party system vendors who need occasional access to maintain the systems, or whether it is machine identities that use privileged accounts for running automated jobs, the underlying problem is the same: Privileged accounts, exactly because of their higher privileges, present a risk and the access to them needs to be controlled and monitored. This is also mandated by several laws and industry regulations.

Keep Reading

Nov 20 2015

HIPAA/HITECH! Another Tidal Wave – Does Anyone Remember Sarbanes-Oxley (SOX-404)?

Keep Reading

Nov 16 2015

Moving in the Right Direction in Secure Smart Nation and Cities

In October, SSH Communications Security joined two conferences in Singapore: GovernmentWare and Cloud Expo Asia. The hot topics at both events were around Smart Nation, aligning with cloud adoption. Singapore’s Smart Nation vision seeks to improve living, transport, healthcare, environment and business, as well as address growing urban challenges powered by ICT, networks and big data.

Keep Reading