SSH Keys: The Overlooked Cyber Security Attack Vector

April 28, 2016 Amy Burnis

In a recent CyberArk blog, we explored the critical role SSH keys play in establishing trust between systems, encrypting communication between such systems, and facilitating strong authentication and secure transactions. Despite the critical role SSH keys play, many organizations inadvertently ignore SSH key vulnerabilities and underestimate the prevalent use of SSH within an enterprise.

One particular area where SSH key security may be overlooked is within an organization’s Unix/Linux environment. Often accessed by privileged users outside of the security realm, these systems house some of an enterprise’s most sensitive assets – from databases and FTP servers to web and cloud applications. While many organizations take steps to protect the root user accounts on these systems, individual accounts and credentials – including SSH keys – used to gain root privileges are often overlooked by security teams. This can leave an organization vulnerable to both malicious and accidental damage to critical systems.

This infographic illustrates the powerful, privileged access SSH keys establish. You’ll also find actionable tips for mitigating risks of cyber attacks in Unix/Linux operating environments. To learn more about locking down SSH keys, please visit www.CyberArk.com/SSH for a library of free resources including a White Paper from IDC: Market Spotlight: Minimizing Cybersecurity Risk with Vigilant SSH Key Management.

SSH Infographic_4 26 16

Previous Article
C³ Alliance Global Technology Partner Program: A Q&A with CyberArk’s  Alliances Technology Expert
C³ Alliance Global Technology Partner Program: A Q&A with CyberArk’s Alliances Technology Expert

The C3 Alliance Global Technology Partner Program brings together key enterprise and security software comp...

Next Article
Enterprise Software, IT Security and Services Providers Build on the Power of Privileged Account Security to Better Protect Customers from C
Enterprise Software, IT Security and Services Providers Build on the Power of Privileged Account Security to Better Protect Customers from C

It’s widely known that 100% of advanced cyber attacks exploit privileged accounts. The number of privileged...