SSH User Keys and Access Control in PCI-DSS Compliance Environments

"This white paper analyses how emerging key management and access control technologies will likely impact PCI compliance mandates and presents SSH’s Universal SSH Key Manager as a solution that can be implemented today to both increase security controls and meet the coming, common sense changes to compliance mandates.

As the Payment Card Industry Data Security Standard (PCI-DSS) evolves to include requirements to manage secure shell user keys as carefully as passwords, the current tools many organizations use for secure shell user key management will become ineffective and create a compliance issue. This white paper analyses how emerging key management and access control technologies will likely impact PCI compliance mandates and presents SSH’s Universal SSH Key Manager as a solution that can be implemented today to both increase security controls and meet the coming, common sense changes to compliance mandates."

Spotlight

GreyCastle Security

GreyCastle Security is an information security consulting firm, focusing on risk management, awareness and operational security. Our company was established because a need existed for an information security consulting firm truly focused on managing risks in people, process and technology, not pushing the latest hardware and software. GreyCastle Security is dedicated to helping organizations just like yours reach security equilibrium - a place where your risks, resources and budget are in balance.

OTHER WHITEPAPERS
news image

Cybersecurity: Experience and best practices during COVID-19 pandemic

whitePaper | July 6, 2020

With this white paper focused on the emerging cyber threat that we world is facing during the COVID-19 crisis, NETIA wish to share his experience, his initiatives and his knowledge on those topics.

Read More
news image

CyberSecurity Under Stress

whitePaper | August 11, 2022

SecOps teams in the US and UK are being asked to do more with less, leading to higher stress levels that impact both their work and personal lives. The growing risk from cyber attacks is also compounded by significant recruitment and retention issues within cybersecurity.

Read More
news image

The State of Mobile App Security 2022

whitePaper | July 28, 2022

Mobile apps have become key tools for businesses to serve customers, earn revenue, and enable remote work by employees. Over the last two years, mobile apps have become critical to success for the majority of businesses.

Read More
news image

VIRSEC ® SECURITY PLATFORM

whitePaper | December 10, 2019

Advanced application attacks that weaponize at runtime (WRT) are increasingly putting businesses at risk. These attacks challenge application security by leveraging fileless malware, memory corruption and uncommon vulnerabilities to evade traditional security solutions. WRTs manipulate legitimate processes and enable stealthy execution of malicious code, resulting in data breaches, damaged infrastructure, and financial losses.

Read More
news image

Network Traffic Analysis (NTA): A Cybersecurity ‘Quick Win’

whitePaper | February 27, 2020

According to research from ESG and the Information Systems Security Association (ISSA), 91% of cybersecurity professionals believe that most organizations are either extremely or somewhat vulnerable to a significant cyber-attack or data breach.1 This level of cyber-risk demands immediate attention and action from CISOs, CIOs, and business executives. As a result, 62% of organizations plan to increase cybersecurity spending in 2020.2 Here’s the problem: Increasing security budgets alone isn’t enough. CISOs need quick and easy wins that can greatly bolster security efficacy and streamline operations without demanding massive projects and vast resources. There is a lot of work ahead. This white paper concludes.

Read More
news image

The Cyber Resilience Blueprint: A New Perspective on Security

whitePaper | December 15, 2019

In this sophisticated threat environment, traditional security tactics are failing. Symantec encourages organizations to revisit their security posture to build a more cyber resilient enterprise. Resilience is not defined by a series of checklists, but through evaluations based on the current threat environment and the acceptable risk level for the organization.

Read More

Spotlight

GreyCastle Security

GreyCastle Security is an information security consulting firm, focusing on risk management, awareness and operational security. Our company was established because a need existed for an information security consulting firm truly focused on managing risks in people, process and technology, not pushing the latest hardware and software. GreyCastle Security is dedicated to helping organizations just like yours reach security equilibrium - a place where your risks, resources and budget are in balance.

Events