The National Institute of Standards and Technology (NIST) has issued a set of recommended guidelines for the use of Secure Shell (SSH) in automated access management. These guidelines encourage organizations to proactively protect SSH keys and control SSH sessions to better secure the sensitive data accessed using SSH. Recommended control areas include:
- Account management
- Access enforcement
- Least privilege
- Auditing and monitoring
- Risk assessment
- Identification and authentication
This solution brief outlines the NIST guidelines for SSH and explains how CyberArk solutions can help organizations comply with these guidelines.