The Problem: Lack of governance over SSH Keys presents a gaping hole in your identity and access management
Secure Shell (SSH) is part of the plumbing of the enterprise. It is the gold standard for securing data transfers and granting remote system access between data centers, Linux and Unix servers, routers, and telecom equipment. SSH user keys provide unlimited access to an organization's trading systems, payment processing systems, databases where credit card information or patient data is kept, routers and switches which keep information flowing efficiently, and file transfer systems which move that data. Imagine uncontrolled access to everything that keeps your business up and running.
These SSH keys grant access comparable to usernames and passwords and have been produced at an exponential rate for years. Large enterprises often have several thousand SSH keys on their systems which never expire -- more than 5x the number of usernames and passwords.
Improperly managed SSH Keys are a never-ending nightmare
The problem is there is no control over key creation or what those keys are used for. There is no way to see or manage the keys used for authentication. SSH keys can be easily created and distributed but are extremely difficult to control or track. Companies can’t remove access because they don’t know which applications will break. Even more daunting, the keys are not visible to the IT department and never expire. As a result, SSH keys can provide unauthorized root access to critical production, backup, and management servers with the potential to wreak havoc.
In the majority of companies today, SSH is not centrally owned or governed by a particular group within the business. About 10% of all configured Secure Shell keys grant privileged administrative access. In many organizations, 90% of all configured Secure Shell keys are no longer used – they represent a failure to properly terminate access when it was no longer needed.
In one customer case we found over 10,000 privileged keys on their network. Of the 1.5 million keys identified, 10% or 150,000 keys were unknown and ALSO HAD ROOT ACCESS. There was no ability to monitor encrypted traffic and the customer failed their compliance audit.
According to a 2014 Ponemon Study:
A majority of organizations are not securing or managing SSH keys
51% have already experienced a key-based breach
3 out of 4 enterprises are vulnerable to root-level attacks due to SSH management issues
Compliance at risk
Organizations with poorly managed SSH keys aren’t just at risk from security breaches; they also appear to be non-compliant with mandatory security regulations such as SOX, FISMA, PCI and HIPAA. These regulations require proper control of access to servers and termination of that access.
Until the release of NIST-IR 7966 there was no authoritative guidance on best practices for SSH key-based access. NIST-IR 7966 recommends ensuring keys are rotated, eliminating static keys, prohibiting automated access that relies on hard-coded passwords, and prohibiting sharing or copying private keys.
The Solution: UKM lets you easily rotate and protect privileged SSH keys
Discover - Trace all SSH keys, map trust relationships, and identify policy violations.
Monitor - Track key usage to determine which keys can be safely removed without affecting operations.
Remediate - Remove keys that should be revoked and bring valid keys under policy compliance.
Manage - Eliminate manual processes, centralize control, enforce compliance, and audit all activity.
Get started today with your free risk assessment. Call SDS at (800) 443-6183.