Venafi lined data from its research up against aggregate SSH risk assessments conducted over a two-year time period, and found that enterprises average one root access orphan key on every enterprise server, which can act as permanent back doors.
The study also revealed that enterprises average 2.5 root access keys per server analysed. If threat actors can access root privileges, they can access anything on a remote server, or on multiple servers if the server has been cloned.
96% of CIOs said that their policies require the removal of keys when employees are terminated or transferred, but 40% admitted a lack of automated tools for removing unused keys.
Meanwhile, 80% of CIOs are concerned about security risks connected with SSH keys, and 68% recognise that managing SSH will only become more difficult as organisations move to modern, cloud-native environments.
With SSH machine identities being critical to digital transformation strategies, as they authenticate privileged access between machines, it’s vital that these are properly protected, and that any unused keys are removed when necessary.
The top five CIO challenges
“SSH keys are extremely powerful assets that require careful protection,” said Kevin Jacque, global security architect at Venafi.
“It’s not surprising to find so many severe security risks because we know that most organisations do not use any automation to manage them.
“Unfortunately, we should expect these gaps in SSH key management to continue to grow as organisations move more workloads to the cloud where SSH keys are used for nearly everything.
“The only way to address these risks is to put in place a comprehensive SSH machine identity management solution that provides continuous visibility and leverages automation to enforce policies.”
550 CIOs from the United States, United Kingdom, France, Germany and Australia were surveyed by Venafi, with survey results being compared to analysis of over 14 million SSH client keys and 3.3 million SSH host keys.