Skip to main content
banner image
venafi logo

SSH Study: Healthcare Organizations Are Leaving SSH Problems Untreated

SSH Study: Healthcare Organizations Are Leaving SSH Problems Untreated

SSH keys challenges for healthcare
March 5, 2018 | Emil Hanscom

Healthcare organizations care deeply about the protection and privacy of their patients. And they invest heavily in both because they know that the cost of a healthcare data breach can have profound human and monetary costs. Because of this effect, the industry is highly regulated and focuses heavily on cyber security practices, especially when compared to other sectors.

To comply with many of the standards impacting the industry, experts working in the healthcare sector must make sure their machine identities are secured. IT systems administrators use Secure Shell (SSH) keys to authenticate machine identities and to gain the highest levels of administrative access in healthcare organizations. This makes SSH keys very valuable assets to administrators, and unfortunately, to cyber criminals as well.

However, despite the inherent risk of SSH key abuse, these powerful assets are routinely untracked, unmanaged and poorly secured. Unfortunately, this can leave the key in the door for cyber criminals.

“It’s absolutely imperative that healthcare organizations secure their machine identities,” said Nick Hunter, senior digital trust researcher for Venafi. “The healthcare industry faces intense threats from cybercriminals and must comply with rigorous regulatory standards. However, some of the most valuable assets in the industry are often left unprotected.”

Venafi recently conducted a study that evaluated how healthcare organizations manage and implement SSH in their environments. With participation from 102 IT security professionals from the healthcare sector, the study reveals a widespread lack of SSH security controls.

For example, only 8% of respondents admit they have a complete and accurate inventory of all their SSH keys. If healthcare organizations do not know where their SSH assets are or how they are managed, they cannot determine if keys have been stolen, misused or should even be trusted. 

Additional highlights from the study:

  • Unlimited users can generate SSH keys across many systems.
    • Nearly half (47%) of respondents do not restrict the number of SSH administrators, which allows an unlimited number of users to generate SSH keys across large numbers of systems.
  • Users have continuing access to critical assets.
    • One third (33%) of respondents admit they do not actively rotate keys, even when administrators leave their organizations. This can allow former employees ongoing privileged access to personally identifiable information (PII), critical healthcare payment data and sensitive systems.
  • No port forwarding can mean major problems.
    • 40% Forty percent of respondents said they do not enforce “no port forwarding” for SSH. Because port forwarding allows users to bypass the firewalls between systems, a cybercriminal with SSH access can pivot rapidly across network segments.
  • SSH keys are rarely rotated, if at all.
    • 28% of respondents rotate SSH keys at least quarterly; 41% said they don’t rotate these keys at all or only do so occasionally. Attackers who gain access to SSH keys will have ongoing privileged access until keys are rotated.

“Unfortunately, this survey indicates that healthcare organizations are not securing all of the systems and applications that protect patient data. SSH keys provide elevated privileged access that must be protected with the same governance controls that are applied to administrator accounts and passwords,” concluded Hunter.

How healthy are the SSH assets at your healthcare organization?

Related posts

Like this blog? We think you will love this.
Featured Blog

The (Nation) State of Cyber: 64% of Businesses Suspect They’ve Been Targeted or Impacted by Nation-State Attacks

82% believe geopolitics and cybersecurity are intrinsically linked

Read More
Subscribe to our Weekly Blog Updates!

Join thousands of other security professionals

Get top blogs delivered to your inbox every week

Subscribe Now

See Popular Tags

You might also like

TLS Machine Identity Management for Dummies

TLS Machine Identity Management for Dummies

Certificate-Related Outages Continue to Plague Organizations
White Paper

CIO Study: Certificate-Related Outages Continue to Plague Organizations

About the author

Emil Hanscom
Emil Hanscom

Emil is the Public Relations Manager at Venafi. Passionate about educating the global marketplace about infosec and machine-identity issues, they have consistently grown Venafi's global news coverage year over year.

Read Posts by Author
get-started-overlay close-overlay cross icon
get-started-overlay close-overlay cross icon

How can we help you?

Thank you!

Venafi will reach out to you within 24 hours. If you need an immediate answer please use our chat to get a live person.

In the meantime, please explore more of our solutions

Explore Solutions

learn more

Email Us a Question

learn more

Chat With Us

learn more