Subscribe to the InfoTech eNewsletter

infoTECH Feature

July 25, 2012

SSH Improves Data Loss Prevention for Encrypted Interactions with CryptoAuditor

For those of you enjoying the Black Hat cyber security event in Las Vegas, stay cool and consider stopping by the SSH Communications (News - Alert) booth for a demonstration of the company’s  new CryptoAuditor.   In a world where more and more business is being conducted online, the need for encryption, and the proper oversight of the activity, has never been more critical. The emerging area of comprehensive information assurance is something to be informed about. 

FYI, for those not familiar with Black Hat, it is an annual gathering of the security industry’s best and brightest (including pros from industry, government and academia and even the hacker community) for a communal peer group review of highly technical information in a strictly vendor-neutral environment that is focused on the sharing of practical insights and timely, actionable knowledge.  

 Extending the reach of information assurance  

A combination of powerful forces are driving IT managers to ensure risks to transmittal can be mitigated to the best extent possible, and assure that threats can be monitored, and results can be audited an analyzed to improve security proactively. Pressure for greater encryption and more sophisticated tools for assuring it is working for internal interactions and those outside the enterprise networking boundaries is mounting exponentially. It is coming from such things like the bring your own device (BYOD) phenomenon, the virtualization of work, a host of new compliance mandates and a variety of other security risk management challenges.   

Just as background, SSH is a network protocol for secure data communication, remote shell services or command execution and other secure network services. As the company explains, the highly popular encryption SSH protocol (called “the gold standard” for data-in-transit security solutions that is used by over 3,000 customers worldwide), is being greatly enhanced.  

CryptoAuditor is designed to help prevent data loss across encrypted secure shell, RDP and SFTP traffic with inline, real-time and transparent audit capabilities. SSH says it is “a minimally-invasive enterprise privileged user access auditing solution.”  It is the second module released this year as part of the company’s Information Assurance Platform (IAP), joining it the Universal SSH Key Manager module.

Matthew McKenna, SSH vice president of sales and marketing stated, “With the launch of CryptoAuditor, SSH provides the next logical extension to our platform, a fully transparent, centralized privileged access auditing solution, delivering strong data-in-transit security that requires no changes to existing network architecture.” It was also noted that the Universal SSH Key Manager module and the CryptoAuditor module integrate smoothly into existing enterprise security solutions – including DLP and SIEM – providing deeper audit and forensics capabilities into encrypted traffic.

Both modules employ sophisticated key management capabilities, including group-based access controls and automatic key discovery, deployment and removal. This means the two modules provide fully transparent inline deployments that deliver strong security, minimal system latency, operating cost reduction and the ability to deploy a single-sign-on effect throughout the entire enterprise.

Where CryptoAuditor fits

One way to think about what CryptoAuditor does and where it fits is as a powerful yet non-intrusive performance monitor of a secured environment. The graphic below illustrates the point.

Jason Thompson, SSH director of global marketing said that, “Our platform’s key management capabilities provide controls over who can gain access to what information in your secure shell environment… By combining our key management capabilities with CryptoAuditor, organizations will see immediate ROI by solving issues surrounding auditing, control and key management.”

Benefits cited include:

  • Inline deployment eliminates costly and time-consuming workarounds and processes
  • Risk reduction from advanced external threats by controlling and monitoring information as it moves across the environment, preventing data loss with an internal policy engine and DLP/SIEM integration capabilities
  • Immediate control and accountability over privileged access users
  • Minimally invasive approach that captures a broad array of traffic across all needed audit points while remaining transparent to administrators
  • Designed for deployment across distributed architecture, making management easy through a one-console approach

In discussing the power of moving to the SSH IAP with TMC (News - Alert), Thompson also highlighted that along with significantly cutting the costs of current key management that has historically been mostly manual, “business administration costs will be drastically reduced, the extensibility to account for the BYOD and cloud improves visibility and control into all of the risks that need to be evaluated and possibly mitigated, and having better control over not just data at rest but data in transit is crucial.” This goes well beyond just watching out for issues in client-server architectures.

At the end of the day, IT asset managers need the best tools available for assuring the security of the assets for which they have ultimate responsibility. With C-levels in many cases now looking at all aspects of enterprise performance in real-time on their tablets (and to some extent their smartphones), all they want is peace of mind that they are operationally secure and that mission critical information cannot be compromised. They may not care to know how and why, but they do care about the need to secure what needs to be and respond rapidly when there are anomalies. 

Those concerns are not bad context as to why encryption is so (excuse the expression) key, and why taking a holistic approach that provides those responsible with an economic way to be able to provide improved security along with the ability to document compliance and act to both remediate risks and become more proactive to avoid them is something for which attention should be paid. 

Want to learn more about the latest in communications and technology? Then be sure to attend ITEXPO West 2012, taking place Oct. 2-5, in Austin, TX. ITEXPO (News - Alert) offers an educational program to help corporate decision makers select the right IP-based voice, video, fax and unified communications solutions to improve their operations. It's also where service providers learn how to profitably roll out the services their subscribers are clamoring for – and where resellers can learn about new growth opportunities. For more information on registering for ITEXPO click here.

Stay in touch with everything happening at ITEXPO. Follow us on Twitter.

Edited by Brooke Neuman

Subscribe to InfoTECH Spotlight eNews

InfoTECH Spotlight eNews delivers the latest news impacting technology in the IT industry each week. Sign up to receive FREE breaking news today!
FREE eNewsletter

infoTECH Whitepapers