Cloud hosting and services provider deploys CryptoAuditor to protect data

Major enterprises, financial institutions and government agencies share concerns regarding the safety of sensitive information stored in the cloud. SSH Communications Security announced on August 27 that its CryptoAuditor solution has been deployed by a major cloud hosting and services provider.

Over 30,000 servers and thousands of customers will benefit from the solution’s encrypted channel monitoring, privileged access management (PAM) and forensics capabilities..

The customer needed to extend its continuous monitoring capabilities to encrypted channels in order to enhance their security posture, meet customer service level agreements (SLAs) and meet compliance mandates. Because the customer’s business model focuses on cloud-based services, traditional approaches to PAM did not meet their requirements.

CryptoAuditor’s unique capabilities and versatile deployment options enabled the provider to:

• Avoid changes to existing workflows and time consuming administrator training using the solution’s transparent and inline deployment capabilities;
• Scale to hundreds or thousands of simultaneous RDP and SSH connections in an elastic environment;
• Extend the value of their SIEM solution by enabling continuous monitoring of encrypted traffic;
• Record and retain administrator sessions for deep forensics capabilities including advanced search and session replay;
• Integrate with Active Directory and company authorization databases for automated user provisioning and de-provisioning.

By deploying CryptoAuditor, the cloud provider gained:

• The ability to monitor system administrators and provide authoritative audit trails of their activities;
• Compliance with strict service-level agreement (SLA) requirements concerning privileged user access to customer data;
• The ability to monitor all privileged identities transacting the network via Secure Shell and RDP;
• Stronger security by eliminating back doors and firewall workarounds such as port forwarding.

Matthew McKenna, COO, SSH Communications Security, said, “The rapid growth in data center traffic and the move to the cloud demands a new approach to privileged access management. Traditional PAM solutions only monitor a portion of privileged identities, leaving the doors open to malicious insiders, cyber-criminals and advanced threats. The ability to monitor and control encrypted traffic at the network level empowers organizations to track all identities operating within privileged channels and extend security intelligence capabilities to high-risk, high-traffic blind spots in the estate.”