However many organizations don’t have the necessary controls in place around their SSH keys for automated processes to protect against potential hackers, the study found. Only 44% of the organizations in the study said they are monitoring the logins and activities of their keys’ privileged users.
[For More of Our Security Coverage, Check Out: 7 Security Predictions for 2014 from Booz Allen Hamilton]
This lack of security controls is largely due to a misunderstanding of the role of secure shell in data security, SSH’s Thompson notes. While 68% of the survey respondents said that data security was a critical priority, only 25% said the same about machine-to-machine security. “Many companies just haven’t thought about secure shell controls,” he says. But “if anyone has malware in that environment, the organization would have a real challenge. This is where some of the most critical data often is.”
Jonathan Camhi has been an associate editor with Bank Systems & Technology since 2012. He previously worked as a freelance journalist in New York City covering politics, health and immigration, and has a master's degree from the City University of New York's Graduate School ... View Full Bio