Are you in control of your SSH, or is it in control of you?
Many organizations use SSH to secure their critical data and applications. This requires the creation of a new key pair for every new application, user, and automated service account. The challenge is that over time, thousands of SSH user and host key ‘pairs’ are created, but it’s unclear what they are used for or which system they pertain to.
Industry experts recommend retiring and updating key pairs at least every two years. However, this is extremely difficult to do because it’s nearly impossible to determine if they are still in use.
Core Privileged Access Manager (BoKS) protects you from the shortcomings of standard SSH software.
How We Help You Gain Control
Centralize User Management
Switch roles, accounts, passwords, and keys off immediately when a staff member leaves
Create Meaningful Roles
Attach SSH access policies to meaningful business and technical roles instead of individual users
Manage Keys Easily
Define where keys are used and made available automatically for SSH sessions without the ongoing burden of assigning staff to handle key distribution
Simplify SSH Authentication
Reduce the administration involved in SSH authentication by centralizing all SSH authentication methods
Enforce SSH Protocols
Establish which SSH protocol “doors” can be used, and where. For example, allow SSH Shell, but block SSH Tunnelling with the same SSH key
Centralize Session Logging
Eliminate one-off session logs with a single view of all logging activity
Forego External Scanning Tools
Detect historical SSH keys throughout your infrastructure without costly external scanning tools. If akey is not registered with Core Privileged Access Manager (BoKS) and associated with the correct user and “door,” it cannot be used
Avoid Suspect Policies
Avoid using policies defined by mal-configured local SSH configuration text files or files that your staff or technical support partners have altered
The Benefits of SSH Key Management with Core Privileged Access Manager (BoKS)
Meet Compliance Requirements
Quickly meet the access/authorization regulations required by SOX, HIPAA, GLBA, PCI DSS, FDCC, and FISMA.
Reduce Admin Overhead
Centralizing policy and audit data greatly reduces the administration and overhead normally associated with SSH key use, including deployment across infrastructures and lifecycles.
Clearly define which SSH sub-protocols are associated with SSH keys/credentials instead of giving blanket access to an operating system.