The security solutions specialist reckons the network device management of routers, switches and firewalls is poorly managed and the rise of the IoT means this must be addressed
SSH Communications Security, a leader in security solutions that enable, monitor and manage encrypted networks, is expanding its offering into the public key infrastructure (PKI) space, revealed chief commercial & strategy officer Matthew McKenna, in an exclusive interview with SmartCitiesWorld.
The sheer number of IoT devices is expected to grow exponentially and the movement of data between these and back-end systems will drive the need for certificates as the first phase of managing access to lighter weight devices.
From an access perspective, McKenna reckons that network device management of routers, switches and firewalls are poorly managed and believes the ongoing extension to millions of IoT devices needs careful attention.
The SSH protocol was invented by SSH Communications Security company founder Tatu Ylönen, back in 1995 and it had two primary functions. Firstly, to provide remote administrative access securely in an encrypted fashion for administrators accessing servers and networks devices remotely and secondly, via its secure file transfer protocol, securely transferring data between applications.
SSH is one of the three most widely used protocols in the world. It sits on the majority of network devices, and can be found on 60 per cent of the world’s web servers.
As a company, SSH Communications Security has evolved into an access management player solving challenges that enterprises face around managing encrypted access. Translating this into a smart cities context, McKenna says that it’s all about securing the privacy of data, and how the security of access to that data is ensured.
SSH’s CryptoAuditor was developed in response to these concerns. It’s a way of monitoring, controlling and auditing administrative access coming through SSH, SFTP, RTP, RDP protocols and SSL related access.
“One of the challenges you are going to face in these interconnected cities -- and where you have millions of devices -- is you’re not going to be able deploy agents. So you’re actually going to have to monitor and control traffic to these administrative devices transparently,” said McKenna.
“That’s what CryptoAuditor does. It essentially allows us – without disrupting any workflows or having to deploy any agents – to control and audit this traffic at a protocol level. This is a very different way of doing things than has been traditionally out there. This is more applicable to our cloud-based environments where you have millions of these types of connections going on,” he added.
With the supply chain increasingly becoming integrated, and interconnectedness part of daily life, McKenna believes the security industry will be forced to review how it thinks about identity. He adds that the developer app space and how new apps are being bought into business could bring the thinking about identity in line with the automotive industry, a just-in-time provision process where identity is immediately removed when it is no longer needed whether that be an interactive or transactional process.
“This will be one way of making it more difficult for the bad guys to get in,” said McKenna, “but at the same time it’s a challenge for the security industry to figure out how we create that paradigm shift to secure identities in real time.”