Risk mitigation

In today’s complex IT environments, layered security mitigates risks. FST spoke with George Adams, President and CEO of SSH Communications Security Inc., about the technologies that make security tighter.

FST. What are some of the top security threats in 2008 that banks and their customers face?
GA. Every bank, or for that matter, every company that has an IT infrastructure, faces threats from hackers, malicious and disgruntled employees and even corporate espionage. Financial institutions and their customers have to be particularly vigilant to secure file transfers and data across their networks to protect critical financial information, as well as protecting customers from identity theft through exposure of personal and account information. These are current top security threats that we have seen in the banking industry, and they will continue to be a major challenge in 2008 and beyond.

FST. How can these risks be mitigated?
GA. In today’s complex IT environments, the best defence is a good offence. Firewalls, IDS, encryption and authentication each provide their own defences against threats, but implementing just one is not enough. Layered security is the best way to mitigate these risks. Most hackers try to find the path of least resistance when they search to break into a network. By using layers of security, it would be counterproductive for a hacker to waste time by trying to penetrate these layers to reach their goal.

For example, our SSH Tectia solution protects file transfers and data-in-transit. It is deployed in seven of the world’s 10 major financial institutions and half the Fortune 500. However, it is also important to ensure that employees throughout the organization use the IT security systems easily, naturally and transparently.

FST. What are the most common mistakes that the financial institutions make when it comes to keeping their data and customer information under lock and key?
GA. Many institutions are still using unsecured protocols such as ftp for file transfers and even telnet for data connections. Authenticating and encrypting data-in-transit and at rest is a best practice that should be implemented in any organization. Another challenge faced by large financial institutions and other enterprises is how to manage their security solutions, especially now that IBM Mainframes are exposed through the IP network to distributed UNIX, Linux and Windows systems. Deploying and managing changes across tens of thousands of hosts in a complex, multi-platform networked environment is a daunting IT task. SSH took on this challenge a few years ago and developed SSH Tectia Manager and SSH Tectia for the IBM Mainframe to meet these needs.

FST. How do your solutions help in keeping information safe?
GA. SSH Tectia is a flexible, easy-to-deploy and manage time-tested security solution that provides strong encryption and authentication for file transfers and data-in-transit across Unix, Linux, Windows and IBM mainframe environments. User IDs, passwords and data are easily secured in-transit throughout their distributed environments. The technology also provides the fastest file transfer rates in the industry.

SSH Tectia for IBM z/OS has now become standard for secure file transfers and TN 3270 tunnelling at many banks, and is rapidly gaining adoption by many more IBM mainframe administrators and security managers.

With SSH Tectia Manager, financial institutions and other enterprises with large-scale IT environments can pre-configure, deploy, manage and audit their SSH Tectia environment from one central location, or multiple locations depending on their organization structure. The auditing functionality is also an important tool to help these institutions with compliancy and internal IT security audits.

SSH Tectia offers world-class support from the original Secure Shell developer. We invented the SSH protocol and use this time-tested, proven technology to secure mission-critical data for millions of users worldwide.

FST. Are there any new technologies that SSH Communications and the banks are focusing on to make security tighter?
GA. New solutions for various security needs are emerging all the time. The challenge is to find the best-of-breed solutions that, like SSH Tectia, also dramatically reduce labor costs and transition risks by requiring little or no modification to the existing infrastructure or applications, especially legacy applications.

Our new SSH Tectia ConnectSecure adds the ability to automatically convert ftp file transfers into secure file transfers or provide encrypted tunnels for data, not just with SSH Tectia based systems but with any Secure Shells (SSH) based server environment. SSH Tectia ConnectSecure also enables easier migration to a full SSH Tectia environment for institutions that require or have been mandated to have a uniform commercially supported SSH solution across their networks.

About George Adams
George Adams is President and CEO of SSH Communications Security Inc. Based in Wellesley, MA, he is responsible for developing and executing strategies to build the company’s market position and organization.