SSH Keys: Security Asset or Liability?
SSH keys are often used for routine administrative tasks by system administrators, and privileged access management (PAM) systems ensure proper oversight. However, SSH keys are also used for secure machine-to-machine automation of critical business functions. PAM solutions don’t help secure these machine identities, and most audit programs overlook this important risk. This session discusses the common mistakes that almost all enterprises make around security, policy and auditing practices when managing SSH keys, including current survey results.