Search

COMMENTARY
INFORMATION TECHNOLOGY | Contributed Content, Singapore
Published: 10 Aug 12
1089 views


Tommi Lampila

3 challenges in user key management

BY TOMMI LAMPILA

Singapore, as an international city and the regional business and financial hub of Asia Pacific, has been inextricably in line with international standards of excellence.

While the adoption of the PCI-DSS and Sarbanes-Oxley Act (SOX) SOX standards began among North American organizations, multinational companies with global presence are adopting the standards and compliance efforts centred on them are increasing. For example, companies that need to be compliant with PCI-DSS also require their partners that exchange and co-process credit card data, to maintain the compliance.

Early before the development of the compliance requirements, global enterprises have adopted Secure Shell (SSH), a network protocol invented in 1995 for securing data communication. Today over 3000 global organisations use the SSH data-in-transit solution for moving information, including 7 of the Fortune 10 and trends have shown that there is an increase of SSH usage in the financial industry to meet compliance in recent years.

For these enterprises, the most critical enterprise data and applications are often transported and housed on SSH and OpenSSH servers. In order to access the data, user authentication is required. However, in today’s complex enterprise environments, it is nearly impossible to map the trust relationships between individual users, system accounts and application ID’s to their respective targeted destination SSH servers.

Enterprises typically have one or more IMS (Identity Management System) for their users, which usually does not encompass access to all systems and accounts across the enterprise and provides no visibility into user keys keys that provide access to the organizations most sensitive information.

Traditional manual approaches to managing user keys are not only time consuming and expensive; but also easily trigger manual errors in key setups. This not only poses a major security and compliance risk, but has also proven to be cost ineffective.

Challenges in managing keys

1. Compliance
Today the compliance standards are higher and even more specific on user key management. For instance, PCI DSS requires enterprises to “Protect encryption keys issued for encryption of cardholder data against disclosure and misuse.” and “Fully document and implement all key management processes and procedures”.

In addition, the ISO 27001-1 also specifies requirements for key management. Organizations need to expend more effort to comply with the more stringent requirements.

2. High cost
Setting up new keys and trust-relationships in traditionally manual way is complex. It is even more complex to rotate and remove the keys. The more dynamic the environments are, the more key operations are required. The widespread cloud and grid computing adoption has increased the burden of IT departments of many of institutions.

3. Growing risk
According to the IBM X-Force 2011 Trend and Risk Report, there were a large number of automated password guessing attempts directed at secure shell servers in the latter half of 2011.

In addition, the top 10 threat actions types by number of breaches within larger organizations, “Use of stolen login credentials” ranked no. 1, according to 2012 Data Breach Investigations Report by Verizon. The present situation calls for enterprises to seek ways to eliminate complex manual work, reduce risk of unauthorized access, improve visibility and meet compliance.

A logical three phased approach of user keys management The best practice of user keys management to overcome these challenges should include three phrases: discovery, monitoring and management.

First, the legacy environment of existing deployed private and public SSH keys and their associated users are discovered and manual errors and mismanagement in the past are then identified.

Thereafter, this environment is locked down and monitored, and the authorized users are linked to the respective servers via user and group information, as well as the defined access policies.

Finally, the environment is brought under automatic management, and user keys are automatically deployed, revoked, recertified and rotated according to changes in the operational environment and user repositories. 

The views expressed in this column are the author's own and do not necessarily reflect this publication's view, and this article is not edited by Singapore Business Review. The author was not remunerated for this article.

Tommi Lampila

Tommi Lampila

Tommi Lampila is the Vice President, APAC, SSH Communications Security. 

Contact Information



Sign up for our newsletter

 

Do you know more about this story? Contact us anonymously through this link.

Click here to learn about advertising, content sponsorship, events & rountables, custom media solutions, whitepaper writing, sales leads or eDM opportunities with us.

To get a media kit and information on advertising or sponsoring click here.

Tags: Tommi Lampila, SSH Communications Security, PCI-DSS Singapore, Singapore's enterprise environment, Identity Management Sytem in Sngapore

LATEST INFORMATION TECHNOLOGY JOBS »
PRINT ISSUE »

Subscribe Now
What factors are keeping expats rooted in Singapore?

1245 views

What factors are keeping expats rooted in Singapore?

618 views

Can Asian private equity outgrow the west?

286 views

MOST READ EXCLUSIVES

The 10 richest Singaporeans

The 10 richest Singaporeans

Altogether, their total amount of wealth dropped by 20% to US$32.5 billion.

by KRISANA GALLEZO
13 Apr 2015 | 110003 views
 

16 items that are a tad cheaper in Singapore than in Hong Kong

16 items that are a tad cheaper in Singapore than in Hong Kong

Coffee lovers need not go farther for a cheaper cup of cappuccino.

by KRISANA GALLEZO
20 Mar 2015 | 105369 views

Check out P&G Singapore’s new office with outdoor working spaces

Check out P&G Singapore’s new office with outdoor working spaces

It occupies 6 contiguous floors within The Metropolis.

by LEE ANNE BABIERRA
30 Apr 2015 | 21107 views
 

Singapore’s 8 hottest 40 and under hotel chefs

Singapore’s 8 hottest 40 and under hotel chefs

Check out and be inspired from their humble beginnings before rising the ranks.

by KRISANA GALLEZO
27 Mar 2015 | 14412 views

Chow Tai Fook opens second store in Singapore

Chow Tai Fook opens second store in Singapore

It's a 1,000-square feet new jewellery shop on Orchard Road.

by KRISANA GALLEZO
26 Feb 2015 | 12985 views
 

This is a woman’s world: CRIB launches Singapore’s first business and lifestyle incubator for women

This is a woman’s world: CRIB launches Singapore’s first business and lifestyle incubator for women

Find out what the three key platforms of CRIB are.

by KRISANA GALLEZO
10 Mar 2015 | 8746 views

The New Black hits Singapore with rarest green coffee

The New Black hits Singapore with rarest green coffee

It also boasts of its Impossible Collection curated by the ‘world’s rockstar roasters'.

by KRISANA GALLEZO
5 Mar 2015 | 5438 views
 

All the single ladies: Here’s Singapore’s first female-centric dating app for you

All the single ladies: Here’s Singapore’s first female-centric dating app for you

Its female-friendly features help women find serious daters.

by LEE ANNE BABIERRA
20 Apr 2015 | 5214 views

Get to know the husband-and-wife duo behind the novice 3E Accounting

Get to know the husband-and-wife duo behind the novice 3E Accounting

This local accounting firm expanded from 2 to 35 members in just 4 years.

by KRISANA GALLEZO
24 Apr 2015 | 5096 views
 

Take a sneak peek at Equinix’s $300m international business exchange data centre in Singapore

Take a sneak peek at Equinix’s $300m international business exchange data centre in Singapore

Which took almost a decade to finish.

by KRISANA GALLEZO
27 Apr 2015 | 3652 views

Want to be hands-on with your ideal home setting?

Want to be hands-on with your ideal home setting?

Commune is opening an Experience Centre for meticulous homeowners.

by KRISANA GALLEZO
23 Mar 2015 | 3294 views
 

Office in the sky: How’s having a meeting in the clouds?

Office in the sky: How’s having a meeting in the clouds?

Check out ACL Asia Pacific’s Cumulonimbus, Altostratus and Cirrus rooms.

by KRISANA GALLEZO
1 Apr 2015 | 3250 views

Lazada Singapore CEO Martell Hardenberg talks about his “Happy Customer” philosophy

Lazada Singapore CEO Martell Hardenberg talks about his “Happy Customer” philosophy

Find out what other goals the 27-year-old has for the company.

by KRISANA GALLEZO
27 Mar 2015 | 3150 views
 

LawCanvas saves the day: Easy legal documents in under a minute

LawCanvas saves the day: Easy legal documents in under a minute

The founders revolutionized the legal industry despite having different backgrounds.

by KRISANA GALLEZO
2 Mar 2015 | 2800 views

Take a look inside INSEAD’s $55m leadership development centre in Singapore

Take a look inside INSEAD’s $55m leadership development centre in Singapore

It marks the fulfillment of a vision too ambitious to achieve 15 years ago.

by KRISANA GALLEZO
1 Apr 2015 | 2705 views
 

Le Petit Paradis recently rebranded as Enoch’s European

Le Petit Paradis recently rebranded as Enoch’s European

It’s a full-fledged contemporary European restaurant blossomed from a motorcycle accident.

by KRISANA GALLEZO
22 Apr 2015 | 1446 views

#OnTheContrary campaign reveals the ‘real struggles’ of entrepreneurs

#OnTheContrary campaign reveals the ‘real struggles’ of entrepreneurs

Rags to riches stories are fabulous, but here’s the real deal.

by KRISANA GALLEZO
27 Mar 2015 | 1266 views
 

Find out what it’s like going into business with your in-law

Find out what it’s like going into business with your in-law

A young entrepreneur teamed up with his father-in-law to redefine home entertainment needs.

by KRISANA GALLEZO
27 Mar 2015 | 1058 views

What is the future of the sports business in Singapore?

What is the future of the sports business in Singapore?

Can a new billion-dollar stadium give Singapore the edge it needs to compete for world-class sporting events?

by STAFF REPORTER
20 Mar 2015 | 877 views
 

Fragrance Du Bois to launch a new scent this year

Fragrance Du Bois to launch a new scent this year

Also, check out its pop-up boutique at TANGS Orchard open until April 26.

by KRISANA GALLEZO
17 Apr 2015 | 829 views

This bold ad film tells you what happens when maids are not given their due day off

This bold ad film tells you what happens when maids are not given their due day off

‘Mums & Maids’ generated 5 million views in 5 days.

by KRISANA GALLEZO
7 May 2015 | 687 views
 

HAITE Group launches its first aviation training center in Singapore

HAITE Group launches its first aviation training center in Singapore

It is the first major investment by a Chinese aerospace firm.

by KRISANA GALLEZO
13 May 2015 | 666 views

Megafash sets the stage for local entrepreneurs to introduce indie brands

Megafash sets the stage for local entrepreneurs to introduce indie brands

It plans to expand in Malaysia and Indonesia.

by KRISANA GALLEZO
20 Apr 2015 | 559 views
 

Singapore retailers turn to technology to boost productivity

Singapore retailers turn to technology to boost productivity

Shopping for the first child is always challenging for the parents.

by STAFF REPORTER
15 May 2015 | 484 views