We promise to send you awesome stuff you'll want to read more than once.
Editor's note: This blog post was originally published on February 4, 2020 and was updated to include details about the second and third patent granted for PrivX and to highlight the recognitions from the KuppingerCole analysts group. Early last year, we announced that The United States Patent and Trademarks Office (USPTO) has granted SSH.COM a patent (US10523445), which covers secure passwordless...
Editor's note: this blog was posted originally on December 19, 2019 and has been updated with more links and other tweaks. Cloud environments today require modern tools for cloud access management. Traditional PAMs, while useful for enterprises’ on-prem environments, have some limitations where cloud is involved however. Fast-moving cloud teams require elasticity and scalability that modern access...
If you think about it, passwords need to be managed just like SSH keys, and that involves three key requirements: The enforcement of complex or long passwords. Some level of enforcement around the rotation of passwords (we can argue the rotation interval can be argued another time). Controls around who has access to the password. Let’s cover each requirement in more detail. Point 1: Complex or lon...
SSH Research: Bad PAM tools lead to bad security habits. Why simpler security is safer.
Background Managing access to critical infrastructure has always been a challenge, moving to elastic cloud environments makes it even harder and more time critical. How to make sure that the right people get access to the right resources at the right time? At the same time companies and organizations are struggling with manpower and resources. They do not have the time and money to start large IT-...
We are proud to be included in KuppingerCole’s "Leadership Compass 2020: Privileged Access Management" as one of the Overall Leaders. A direct quote from the report: “The PAM market is becoming more competitive and size alone will no longer keep vendors at the top. This is especially true in a period when vendors like SSH.COM can go from Challenger to Leader in one year due to a strong focus on te...
Two more security events occurred, once again caused by having inadequately-secured standing privileges, and unmanaged SSH keys freely roaming around your IT environment. This is exactly why we strongly advocate companies either removing permanent standing privileges (like passwords) or take management of their access credentials (like SSH keys) more seriously.
Cyberattacks attacks are on the rise once again. High-profile targets like the World Health Organization (WHO) and their top officials are a lucrative target for hackers. Also, hackers got hold of 500,000 Zoom user passwords. “This is unprecedented for everyone here. We’re doing what we can to mitigate it” is a direct quote from WHO’s chief information officer (CIO), Bernardo Mariano. He also sta...
IT and system administrators are faced with a dilemma: how to ensure people working from home can access specific internal systems securely. Allowing VPN access is not an ideal solution if access is needed only to a particular Windows application or internal website. Another example of specific access: a remote worker would need to transfer files to/from a Linux/Unix/Windows system that under norm...
For obvious reasons, a vast majority of your system administrators, DevOps teams and software engineers are forced to adopt remote work habits right now. They are called privileged users for a reason, since they access to business-critical databases and maintain IT infrastructures. But are security controls under threat now that this shift was so sudden? The same applies to non-privileged users as...
We help major enterprises solve the security challenges of digital transformation. We design best-of-breed commercial solutions for secure access that help our customers win in the global data economy.
