SSH Keys: Security Asset or Liability?

  • Date 04 Jun 2019

SSH Keys: Security Asset or Liability?

04 Jun 2019, 13:20 - 13:45

Strategy Talks

All enterprises rely on SSH for routine administrative tasks by systems administrators, as well as for secure machine-to-machine automation of critical business functions. However, SSH keys are often left untracked, unmanaged, and unmonitored. With no expiration and a lack of lifecycle management, enterprises can wind up with millions of SSH keys that leave organisations with a broad attack surface for insider threats and cybercriminals. 

Hear the common mistakes that almost all organisations make around security, policy, and auditing practices for SSH keys. Then learn a 4-step approach that takes SSH keys from a security liability to a security asset.

Learning Outcomes:

  1. Understand how cybercriminals are exploiting SSH keys to gain unauthorised privileged access.
  2. Learn how SSH keys provide the ideal mechanism for cyber criminals to pivot through your environment, and how to control it.
  3. Discover why Privileged Access Management solutions don’t protect against SSH key risks.
  4. Recognise the common pitfalls in SSH key management, made by nearly every organisation.
  5. Comprehend how to develop a plan to incorporate best practices into SSH key management.


  • Mike Dodson


    VP WW Customer Security Strategy & Solutions


    Mike Dodson is VP Worldwide Customer Security Strategy and Solutions at Venafi, where he focuses on helping Global 5000 organisations protect their...

Business Issues covered

  1. What will this session help you to do?
    • Ensure information security projects demonstrate return on investment‎


We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies.