Search

Budget 2015: What you need to know right now
BUDGET 2015 COVERAGE
Budget 2015: What you need to know right now

Income taxes will be hiked to shoulder massive investments.
6390 views

COMMENTARY
INFORMATION TECHNOLOGY | Contributed Content, Singapore
Published: 10 Aug 12
1060 views


Tommi Lampila

3 challenges in user key management

BY TOMMI LAMPILA

Singapore, as an international city and the regional business and financial hub of Asia Pacific, has been inextricably in line with international standards of excellence.

While the adoption of the PCI-DSS and Sarbanes-Oxley Act (SOX) SOX standards began among North American organizations, multinational companies with global presence are adopting the standards and compliance efforts centred on them are increasing. For example, companies that need to be compliant with PCI-DSS also require their partners that exchange and co-process credit card data, to maintain the compliance.

Early before the development of the compliance requirements, global enterprises have adopted Secure Shell (SSH), a network protocol invented in 1995 for securing data communication. Today over 3000 global organisations use the SSH data-in-transit solution for moving information, including 7 of the Fortune 10 and trends have shown that there is an increase of SSH usage in the financial industry to meet compliance in recent years.

For these enterprises, the most critical enterprise data and applications are often transported and housed on SSH and OpenSSH servers. In order to access the data, user authentication is required. However, in today’s complex enterprise environments, it is nearly impossible to map the trust relationships between individual users, system accounts and application ID’s to their respective targeted destination SSH servers.

Enterprises typically have one or more IMS (Identity Management System) for their users, which usually does not encompass access to all systems and accounts across the enterprise and provides no visibility into user keys keys that provide access to the organizations most sensitive information.

Traditional manual approaches to managing user keys are not only time consuming and expensive; but also easily trigger manual errors in key setups. This not only poses a major security and compliance risk, but has also proven to be cost ineffective.

Challenges in managing keys

1. Compliance
Today the compliance standards are higher and even more specific on user key management. For instance, PCI DSS requires enterprises to “Protect encryption keys issued for encryption of cardholder data against disclosure and misuse.” and “Fully document and implement all key management processes and procedures”.

In addition, the ISO 27001-1 also specifies requirements for key management. Organizations need to expend more effort to comply with the more stringent requirements.

2. High cost
Setting up new keys and trust-relationships in traditionally manual way is complex. It is even more complex to rotate and remove the keys. The more dynamic the environments are, the more key operations are required. The widespread cloud and grid computing adoption has increased the burden of IT departments of many of institutions.

3. Growing risk
According to the IBM X-Force 2011 Trend and Risk Report, there were a large number of automated password guessing attempts directed at secure shell servers in the latter half of 2011.

In addition, the top 10 threat actions types by number of breaches within larger organizations, “Use of stolen login credentials” ranked no. 1, according to 2012 Data Breach Investigations Report by Verizon. The present situation calls for enterprises to seek ways to eliminate complex manual work, reduce risk of unauthorized access, improve visibility and meet compliance.

A logical three phased approach of user keys management The best practice of user keys management to overcome these challenges should include three phrases: discovery, monitoring and management.

First, the legacy environment of existing deployed private and public SSH keys and their associated users are discovered and manual errors and mismanagement in the past are then identified.

Thereafter, this environment is locked down and monitored, and the authorized users are linked to the respective servers via user and group information, as well as the defined access policies.

Finally, the environment is brought under automatic management, and user keys are automatically deployed, revoked, recertified and rotated according to changes in the operational environment and user repositories. 

The views expressed in this column are the author's own and do not necessarily reflect this publication's view, and this article is not edited by Singapore Business Review. The author was not remunerated for this article.

Tommi Lampila

Tommi Lampila

Tommi Lampila is the Vice President, APAC, SSH Communications Security. 

Contact Information



Sign up for our newsletter

 

Do you know more about this story? Contact us anonymously through this link.

Click here to learn about advertising, content sponsorship, events & rountables, custom media solutions, whitepaper writing, sales leads or eDM opportunities with us.

To get a media kit and information on advertising or sponsoring click here.

Tags: Tommi Lampila, SSH Communications Security, PCI-DSS Singapore, Singapore's enterprise environment, Identity Management Sytem in Sngapore

LATEST INFORMATION TECHNOLOGY JOBS »
PRINT ISSUE »

Subscribe Now
What factors are keeping expats rooted in Singapore?

401 views

What factors are keeping expats rooted in Singapore?

444 views

Can Asian private equity outgrow the west?

137 views

MOST READ EXCLUSIVES

Singapore’s 10 most sought-after 40 and under investors

Singapore’s 10 most sought-after 40 and under investors

Check out who made the cut.

by KRISANA GALLEZO
19 Dec 2014 | 45171 views
 

Singapore’s first permanent lifestyle market opens in Bukit Timah

Singapore’s first permanent lifestyle market opens in Bukit Timah

Over 20 brands and labels are gathered together under one roof.

by KRISANA GALLEZO
5 Jan 2015 | 32954 views

Singapore’s top 5 work from home jobs

Singapore’s top 5 work from home jobs

Here are jobs that you can do while sitting on your couch or in your favorite coffee shop.

by KRISANA GALLEZO
11 Dec 2014 | 30435 views
 

Singapore Business Review’s 2014 Class of 40 and under

Singapore Business Review’s 2014 Class of 40 and under

Meet a summa cumlaude graduate who rises from poverty to become JP Morgan’s head of corporate finance.

by KRISANA GALLEZO
12 Jan 2015 | 29427 views

Find out the 10 most expensive districts to rent an HDB flat in Singapore

Find out the 10 most expensive districts to rent an HDB flat in Singapore

Glitzy Bukit Timah is off the list.

by KRISANA GALLEZO
19 Dec 2014 | 26750 views
 

Singapore’s hot new restaurants in December

Singapore’s hot new restaurants in December

Japanese restos take over Singapore’s sizzling dining scene.

by KRISANA GALLEZO
17 Dec 2014 | 9371 views

This food hub in Seah Street brings a throwback experience to dining

This food hub in Seah Street brings a throwback experience to dining

It offers an exciting lunch menu which changes every week.

by KRISANA GALLEZO
16 Jan 2015 | 6333 views
 

Singapore’s first news aggregation app attracts 1 million users in two years

Singapore’s first news aggregation app attracts 1 million users in two years

Stay in the loop with news and lifestyle content from SBR and 600 other publishers.

by KRISANA GALLEZO
10 Dec 2014 | 3258 views

This startup created the world’s first bed sensor technology

This startup created the world’s first bed sensor technology

No more patients accidentally falling off hospital beds.

by KRISANA GALLEZO
14 Jan 2015 | 2699 views
 

Too many business cards? Why don’t you try Sansan’s business card management service?

Too many business cards? Why don’t you try Sansan’s business card management service?

After Singapore, this contract management company plans to expand in the APAC region.

by KRISANA GALLEZO
12 Feb 2015 | 2588 views

Go inside the gorgeous new headquarters of Ingredion in Singapore

Go inside the gorgeous new headquarters of Ingredion in Singapore

Its state-of-the-art kitchen space is not to be missed.

by KRISANA GALLEZO
18 Dec 2014 | 2572 views
 

Spencer Ogden gets funky with its newest trademark space in Singapore

Spencer Ogden gets funky with its newest trademark space in Singapore

The company invested over $1M to make this signature office possible.

by KRISANA GALLEZO
5 Feb 2015 | 2419 views

What Singaporean investors can expect from Okinawa’s development

What Singaporean investors can expect from Okinawa’s development

A 40% tax cut in setting up business is expected to lure investors.

by KRISANA GALLEZO
12 Dec 2014 | 2229 views
 

Meet INSEAD’s new chairman of the board

Meet INSEAD’s new chairman of the board

Find out how Andreas Jacobs plans to bring “business as a force for good”.

by KRISANA GALLEZO
14 Jan 2015 | 2212 views

Check out this integrated office cum lab of Friesland Campina in Singapore

Check out this integrated office cum lab of Friesland Campina in Singapore

A curved glass wall resulted in a 90% open-plan office.

by KRISANA GALLEZO
17 Feb 2015 | 2028 views
 

Jack Wills opens its first store in Singapore

Jack Wills opens its first store in Singapore

A 'fun' brand that values the Brit vibe. Put your game face on!

by KRISANA GALLEZO
10 Dec 2014 | 1977 views

The future of innovation: What’s next after Facebook and Twitter?

The future of innovation: What’s next after Facebook and Twitter?

A video version of Twitter might be under way.

by KRISANA GALLEZO
11 Dec 2014 | 1772 views
 

What it’s like going into business with your significant other

What it’s like going into business with your significant other

A couple who founded an artisanal food outlet, P.Bistro, shares experience.

by KRISANA GALLEZO
9 Jan 2015 | 1737 views

This could be your best pal when no one’s around to help during an emergency

This could be your best pal when no one’s around to help during an emergency

TagBio's ID-Life features accessories with critical info embedded in QR codes.

by KRISANA GALLEZO
16 Dec 2014 | 1492 views
 

SFIC Institute's new training hub overhauls carpenters' career image

SFIC Institute\'s new training hub overhauls carpenters\' career image

It’s the first carpentry training center in Singapore’s furniture industry.

by KRISANA GALLEZO
10 Dec 2014 | 1296 views

Kungfumath wants to revamp boring e-learning portals

Kungfumath wants to revamp boring e-learning portals

“Play with numbers” in its literal sense.

by KRISANA GALLEZO
5 Dec 2014 | 1291 views
 

PocketMath makes buying mobile ad impressions easier

PocketMath makes buying mobile ad impressions easier

It integrates over 20 ad exchanges and offers over 20B impressions a day.

by KRISANA GALLEZO
9 Feb 2015 | 1283 views

The heat is on: This office literally gets a bit hot for their green drive

The heat is on: This office literally gets a bit hot for their green drive

Discover how they execute their green initiatives in the office.

by KRISANA GALLEZO
22 Jan 2015 | 1245 views
 

MetLife builds its first global R&D hub

MetLife builds its first global R&D hub

It bills itself as a first-of-its-kind innovation centre for the insurance industry.

by KRISANA GALLEZO
26 Jan 2015 | 1224 views

FTMSGlobal Academy Singapore launches new weekend MBA

FTMSGlobal Academy Singapore launches new weekend MBA

The course fee is below $20,000.

by KRISANA GALLEZO
8 Jan 2015 | 1016 views
 

Here’s how migrants can be sure their loved ones back home paid the doctor a visit

Here’s how migrants can be sure their loved ones back home paid the doctor a visit

This NRI-focused startup also gives migrants monthly feedback from the doctor.

by KRISANA GALLEZO
7 Jan 2015 | 925 views

ENVision campaign‘s ‘hard truth’ could make you think twice

ENVision campaign‘s ‘hard truth’ could make you think twice

Singapore might run out of space for trash by 2035 and more.

by KRISANA GALLEZO
15 Dec 2014 | 743 views
 
close Don't Show Again

STAY INFORMED! Get our free weekly newsletter