ISACA Members Earn Free CPE

Date: Tuesday, 13 September 2016
Time: 12PM (EDT) / 11AM (CDT) / 9AM (PDT) / 16:00 (UTC)

Overview

The SSH protocol is one of the security industry’s greatest tools, but it’s not completely understood. Used by administrators around the world for remote access to servers, network devices, and secure data transfer between applications, SSH has been providing encrypted trusted access for the last two decades. Nonetheless, the power it actually wields is widely unknown, exposing a major gap in our identity access postures and creating risk for the resilience of our enterprises.

We will explore SSH user keys – the only form of access credentials that can be provisioned without oversight or expiration dates. Therefore, they continue to provide access until they are eliminated from the systems on which they reside. Enterprises are finding millions of SSH user keys without knowing who they belong to or whether they are still in use. SSH user keys are access credentials to our most critical infrastructure – yet are undiscovered, unmonitored, and unmanaged.

During this webinar you will learn how SSH user keys function in relation to the access they provide, why they pose such a significant risk, and why many auditors have been in the dark on this topic until now.

Matthew McKenna brings over 15 years of high technology sales, marketing and management experience to SSH Communications Security and drives strategy, key account sales, and evangelism. His expertise in strategically delivering technology solutions that anticipate the marketplace has helped the company become a market leader. Matthew holds a Bachelor of Arts degree in German from the University of South Carolina and an MBA from the Helsinki School of Economics and Business Administration. Matthew holds a Bachelor of Arts degree in German from the University of South Carolina and an MBA from the Helsinki School of Economics and Business Administration.

Fouad Khalil has extensive experience in the technology space with more than 25 years spanning disciplines in software development, IT support, program and project management and most recently IT Security and Compliance management. His key areas of focus include Information Technology, Internal Controls over financial reporting, Sarbanes-Oxley, PCI DSS, and HIPAA/HITECH compliance. Fouad is experienced in security training and awareness as part of corporate governance and regulatory compliance. He is an ISACA Member and is CISA certified.