Everyone understands the concept of a security perimeter. You only gain access if you are identified and authorized to do so. A classic example is a highly-guarded military facility. In IT security, experts have spent decades building a security perimeter for a world where servers were mostly physical and the environment mostly static. Now the mandate from the bean counters is to open the perimeter – or at least a healthy chunk of it – to the cloud ..read more

Credentials and secrets management often focus on passwords. But there are also other credentials, like SSH keys, that serve the same purpose as passwords in the sense that they are access credentials just as well and, at the same time, are overlooked ..read more

Whether you are a regular Microsoft 365 user or a super admin wielding a lot of IT power, your passwords must be managed. It just makes cybersecurity sense, and it is required by law.  But what is the best way to manage passwords that are especially powerful access credentials in the hands of administrators, developers, and consultants?  ..read more

Sometimes you need to experience something firsthand to understand the real difference. I had one of those experiences in the Alps just recently ..read more

KuppingerCole Analysts just published their Dynamic Resource Entitlement & Access Management (DREAM) classification for access management and entitlement platforms that can best operate in dynamic computing environments. This report is first of its kind for the market research company, and it puts special emphasis on platforms that “must operate at the speed of the cloud and grant access based on tasks, toolchains, and workloads rather than roles – or only permission access to static resources such as servers or vaults”, as is stated in the report. We at SSH are happy to announce that w ..read more

Getting rid of permanent access helps your organization boost efficiency, cut costs, and better protect against cybersecurity threats. It also eliminates a big annoyance: password and key rotation. Here’s how it all works ..read more

TL;DR; PrivX 20 can now be deployed in containers orchestrated by Kubernetes, OIDC login support for native SSH clients and the option to launch our Zero Trust Universal SSH Key Manager from PrivX for future proof enterprise SSH key management ..read more

Identity and Access Management (IAM) projects are all the rage at the moment. This is understandable, since digital ecosystems are expanding and the number of applications (like GSuite, Office 365 and Slack) just keeps on growing, so the consolidation of access to the applications from different sources under one roof increases security and productivity ..read more

“DevOps was a kind of revolution in IT because it focused on people and a change in culture to get things done as much as technology." - Paul Fisher, KuppingerCole Analysts, in KuppingerCole Privileged Access Management for DevOps Report. There are naturally many reasons why DevOps has gained popularity. But maybe what Paul Fisher stated above actually is one of the key reasons why the methodology was so well-received by companies and developers: it put the people first. And what do forward-thinking software developers appreciate? Probably: a high degree of automation minimal need fo ..read more

Managed Service Providers (MSP) are an important part of the growing IT ecosystem as more and more enterprises outsource parts or most of their infrastructure to MSPs ..read more