SSH.COM Blog

encrypted traffic SSH just-in-time

Treat SSH Keys Like Passwords and Police According...

If you think about it, passwords need to be managed just like SSH keys, and that involves three key requirements: The enforcement of complex or long passwords. Some level of enforcement around the rotation of passwords (we can argue the rotation interval can be argued another time). Controls around who has access to the password. Let’s cover each requirement in more detail. Point 1: Complex or lon...

PAM just-in-time remote work

Re-Thinking Privileged Access Management in the Ag...

SSH Research: Bad PAM tools lead to bad security habits. Why simpler security is safer.

Journey towards SaaS- cooperation with Hanze Unive...

Background Managing access to critical infrastructure has always been a challenge, moving to elastic cloud environments makes it even harder and more time critical. How to make sure that the right people get access to the right resources at the right time? At the same time companies and organizations are struggling with manpower and resources. They do not have the time and money to start large IT-...

PAM just-in-time remote work

KuppingerCole: SSH.COM one of the Leaders in Privi...

We are proud to be included in KuppingerCole’s "Leadership Compass 2020: Privileged Access Management" as one of the Overall Leaders. A direct quote from the report: “The PAM market is becoming more competitive and size alone will no longer keep vendors at the top. This is especially true in a period when vendors like SSH.COM can go from Challenger to Leader in one year due to a strong focus on te...

Privileged Access Management SSH Keys passwords SSH hack just-in-time

More IT security headaches for businesses, caused ...

Two more security events occurred, once again caused by having inadequately-secured standing privileges, and unmanaged SSH keys freely roaming around your IT environment. This is exactly why we strongly advocate companies either removing permanent standing privileges (like passwords) or take management of their access credentials (like SSH keys) more seriously.

SSH RDP just-in-time remote work

Recent WHO and ZOOM data breaches prove the urgent...

Cyberattacks attacks are on the rise once again. High-profile targets like the World Health Organization (WHO) and their top officials are a lucrative target for hackers.  Also, hackers got hold of 500,000 Zoom user passwords. “This is unprecedented for everyone here. We’re doing what we can to mitigate it” is a direct quote from WHO’s chief information officer (CIO), Bernardo Mariano. He also sta...

SSH RDP just-in-time remote work

How to set up secure remote access for employees w...

IT and system administrators are faced with a dilemma: how to ensure people working from home can access specific internal systems securely. Allowing VPN access is not an ideal solution if access is needed only to a particular Windows application or internal website. Another example of specific access: a remote worker would need to transfer files to/from a Linux/Unix/Windows system that under norm...

Zero Trust just-in-time remote work

Make remote work fast & secure for admins, devs an...

For obvious reasons, a vast majority of your system administrators, DevOps teams and software engineers are forced to adopt remote work habits right now. They are called privileged users for a reason, since they access to business-critical databases and maintain IT infrastructures. But are security controls under threat now that this shift was so sudden? The same applies to non-privileged users as...

Zero Trust just-in-time

PrivX: the passwordless and partly patented PAM

A few days ago, we announced that The United States Patent and Trademarks Office (USPTO) has granted SSH.COM a patent (US10523445), which covers secure passwordless access to hosts in hybrid networks comprising on-premise and cloud resources. This technology is used in our lean privileged access management (PAM) solution called PrivX. We believe in passwordless IT infrastructures As IT workloads m...

identity and access management partners Privileged Access Management

SSH.COM and Digital Information Technologies Form ...

The partnership will help enterprises mitigate the risks of privileged credential abuse and streamline operations as they move to multi-cloud environments.

Author

Want to be the first to know about new blog posts?

Fill in you email address and be the first to know about it. 

Subscribe to Email Updates

SSH.COM is one of the most trusted brands in cyber security.

We help major enterprises solve the security challenges of digital transformation. We design best-of-breed commercial solutions for secure access that help our customers win in the global data economy.

Read more about our SSH.COM

Latest posts from the SSH.COM blog