Embedded M2M Solutions - Featured Articles

Featured Article

November 14, 2013

Embedded M2M Solutions - SSH Communications Security's Tools Will Comply with Version 3.0 PCI DSS Standards


SSH Communications (News - Alert) Security, the company that created the SSH security protocol, announced that its Universal SSH Key Manager (UKM), CryptoAuditor and SSH Risk Assessor (SRA) will meet the requirements set by version 3.0 of the Payment Card Industry Data Security Standard.


The Payment Card Industry Data Security Standard (PCI (News - Alert) DSS) was crafted by major credit card companies in an effort to boost consumer confidence and security in electronic payments. Version 3.0 of the standard specifies 50 new requirements of organizations using the Secure Shell protocol (SSH) for access and machine-to-machine processes.

SSH Communications Security's UKM is the only solution delivering full key lifecycle -- from deployment to continuous monitoring -- management as required by the new standards. Similarly, CryptoAuditor will monitor privileged activities by both approved users and processes. Finally, SRA will be available as a free and easy to use audit and discovery tool to find and reveal PCI compliance and security issues. 

"A lack of specific instructions, testing requirements and awareness has historically left most enterprises with significant gaps in their risk and compliance postures," Tatu Ylönen, founder and CEO, SSH Communications Security, said in a statement. "Most compliance regulations only refer in general terms to access control and encrypted network monitoring. SSH Communications Security has been working directly with major compliance bodies to bolster the regulatory framework with protections for the [mobile-to-mobile] connections that make up nearly 90 percent of the network environment. Our solutions help organizations protect against network threats and keep in compliance with these new standards."

Ylönen has stressed the importance of compliance with security standards before. The problem with SSH, Ylönen writes, isn't the technology behind it, but organizations that don't manage their keys properly, leaving them exposed to not only attacks, but also noncompliant with federal regulations.




Edited by Rachel Ramsey


Back to the Embedded M2M Solutions Community


Comments powered by Disqus


Related Embedded M2M Solutions Articles