As with any compliance framework we face, and we know many exist today, it is best we assess our state of compliance before an auditor arrives at the proverbial door. PCI DSS is one framework many payment organizations are dealing with on a day to day basis to help protect and safeguard their customerspayment information.Keep Reading
This year, SSH Communications Security celebrate the 20th anniversary of the Secure Shell protocol, which was invented by our Chief Innovation Officer Tatu Ylönen. Our history makes us one of the pioneers of cybersecurity, but our innovative thinking keeps us in the forefront of the field.Keep Reading
Enterprises often have more Secure Shell identities than employees, and just as with employees, there must be a central management entity tasked with oversight of those identities.Keep Reading
You may have heard that CryptoAuditor is now certified as VCE Vblock Ready. Here's what it means in a nutshell:Keep Reading
Cloud computing in Asia Pacific is growing constantly in importance, increasing demand for cloud security. In mid-August, we participated in CloudSec Hong Kong, one of the leading cloud security conferences in Asia Pacific.Keep Reading
What is CryptoAuditor?
Modern IT systems are run by third parties – contractors, SaaS and IaaS providers, external administrator companies – to enable businesses to focus on creating value and getting new business, not having to worry about their infrastructure. Today, over 60% of enterprises have third parties accessing their networks remotely. This trust is sometimes exploited, in fact 95% of data breaches involve privileged credential misuse. Most of the time, CIOs have no idea what is going on in their network since trusted accounts can operate freely, under encrypted cover, like Tommi Lampila's recent post outlined.
CryptoAuditor is a robust, proven security infrastructure product that has traditionally been implemented as a virtual appliance running on premise. In July 2015, SSH Communications Security announced that CryptoAuditor is also available through the AWS Marketplace - as the only product of its kind in the world. Now you can deploy CryptoAuditor on premise into any VMWare or Hyper-V virtualized environment from a .iso image, as well as a readymade AMI right from the AWS Marketplace!Keep Reading
Contrary to public perception, the world did not stop for the holidays. SSH Communications Security has been moving, expanding and developing with fast pace during the summer and we have facts and figures to show for it.Keep Reading
Enabling Data Loss Prevention Tools for Encrypted Channels and File Transfers
Year 2015 marks the 20th anniversary of the first release of the Secure Shell protocol. Network encryption has become ubiquitous over the last two decades, driving critical communications and transactions within and between networks. Consumers use encrypted communications on a daily basis – often unwittingly – to communicate securely with their peers and to purchase goods and services online. Enterprises encrypt critical transactions between business applications and file transfers of sensitive business data.
Encryption of privileged user access and the transfer of sensitive customer and financial data is recognized as a baseline security control mandated by compliance programs governing the payment card and banking industries. Most organizations have deployed network encryption to fulfill these security and compliance policies, and to protect the integrity of their business operations. Network encryption is a vital aspect of today’s global communications, transparently entwined in the very DNA of our digital work and life – but it does represent a double-edged sword. The other "edge" of encryption being that it does exactly what one would think – protecting session contents from examination between the communication end-points, rendering network defenses ineffective.
Together with our local partner DIT, SSH Communications Security participated in one of the biggest IT exhibitions in Japan: Interop Tokyo. With close to 140,000 visitors in 3 days, DIT and SSH’s joint booth managed to attract attention from many of these visitors, especially with the new version of our CryptoAuditor, a network-based virtual appliance that has the capability to control, monitor and audit encrypted administrator sessions, as well as file transfers.
Many local Japanese representatives of major enterprises were actually fascinated by CryptoAuditor’s ability to monitor encrypted traffic without disrupting the existing business systems.
There are also many large enterprises in Japan using various versions of Secure Shell that have started to realize the problems that arise with SSH key management.
With the increased interest in both of our major solutions for SSH key management and monitoring encrypted traffic, we have decided to open a new office in Tokyo, Japan. We recognize the strategic importance of Japan in today’s global IT security market, and the office will focus on supporting sales and service operations for current partners and distributors. Also, earlier this year, we announced a new business alliance and distributor agreement with Fujitsu SSL.
We encourage all our current Japanese customers, business partners, and anyone interested in our solution in Japan to get in direct contact with us!
SSH Communications Security, Japan office
Yamato Building 8F
5-27-3 Sendagaya Shibuya
Tel: +81 (3) 6865-6565
In early June, Microsoft announced something that surprised many; namely that they will be supporting Secure Shell (SSH) in their PowerShell tool used by many system administrators, developers and power users. The move would make not only the SSH client native on Windows, but would also make the SSH server native as well. Microsoft would also contribute code to the OpenSSH project – huge news to anyone who has followed the history of Microsoft and openKeep Reading