Most largeorganizations use SSH across at least1,000 systems or more.
USER NAME
PASSWORD
// Is your risk bigger than you think?
// Are your SSH keys untracked, unmanaged and unmonitored?Even though SSH keys grant privileged access
open for attackers when theyOrganizations leave the door
don’t configure SSH to limit use.
// How often do you rotate SSH keys? Odds are, not enough.
Nearly 50% don’t rotate annually, if ever.
Over one-quarter don’t apply any of these SSH auditing practices.
// Are your auditors overlooking SSH?
Only half review entitlements and even feweraudit other SSH security best practices.
// What if your SSHkeys require remediation?
Don’t let weak SSH key management open the doorto a network compromise. Learn how Venafi can
help you protect your SSH keys.
Learn more about how Venafi can help
your company protect its security foundation.
Visit venafi.comDimensional Research. SSH Study on SSH Management and Security Practices. 2017.
Prevent Port Forwarding Limit Use by Location
NO
48% 49%
YES52%
NOYES51%
Auditing Practices
0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100%
Port forwarding policy
Review of entitlements
Control of key files
Rotation and retirement
None of these
51%
46%
43%
33%
27%
Don’t know 7%
Rotate at leastquarterly 23%
Rotate biannuallyor annually 22%
Rotate less than annually 28%
Don’t rotate 20%
Frequency of SSH Key Rotation
// Are you giving cybercriminals SSH access?
Only 10%have a complete
and accurate SSHkey inventory.
// Got SSH visiblity?
61% allow users toconfigure their own
authorized keys.
59% let mostadministrators manage
SSH keys for systemsthey control.
Are you part of the 90% without visibility into all SSH trust relationships?
// Is your PAM missing SSH?
Only 47% require annual entitlement reviews.
And Privileged Access Management (PAM) solutions don’t cover SSH keys used to automate machine-to-
machine authentication—leaving these critical business functions at risk.
Where are my SSH keys?
// OH, SSH IT!Most organizations lack the visibility and security policies to safeguard the privileged access provided by SSH keys
Are you prepared to act quickly?
If not protected, these keys can becomethousands of potential breach points
Without SSH key rotation, you could be at risk ofrepeated unauthorized access—indefinitely.