Skip to Main Content

Common Sense: Rotate your SSH Keys After Employees Depart

Posted on 12.11.2017
When most enterprises think of security exploits they envision sophisticated teams of hackers working to infiltrate sensitive systems. It is actually more common, however, for such issues to start from within. 

According to recent research from Venafi (a provider of machine identity protection), even though SSH keys provide a high level of administrative access control they are very often untracked, unmanaged and very poorly secured.  The result? Former (and rogue) employees are often to blame.

For example, 69 percent of respondents from the financial services industry admit they do not actively rotate keys, even when an administrator leaves their organization. This allows the former employee to have ongoing privileged access to critical and sensitive systems. That's a big problem for those with stores of sensitive information.

What's worse is that 85 percent of respondents to Venafi's study say they do not even have a complete and accurate inventory of all SSH keys. Without such an up-to-date (and correct) inventory, organizations in the financial services industry cannot determine if keys have been stolen, misused or should not be trusted.

“Cybercriminals can leverage compromised SSH keys to gain elevated access to servers and perform nefarious activities, all while remaining undetected,” said Nick Hunter, senior technical manager for Venafi.

“In addition, they know that a single SSH key will often be copied across hundreds or thousands of systems. Cybercriminals can use compromised keys to move throughout a financial services organization, creating additional backdoors and setting up beachheads for their operations.”
Today's Top Picks for Our Readers:
Recommended by Recommended by NetLine

Leave Your Comment

Login to Comment

Become a Member

Not already a part of our community?
Sign up to participate in the discussion. It's free and quick.

Sign Up


Leave a comment
    Load more comments
    New code