Keeping Critical Airline Systems Safe with SSH Key Security for a Major U.S. Airline
Before Venafi: Uncontained key and certificate access; no audit or control of SSH keys; unidentifiable orphaned or abandoned SSH keys.
After Venafi: Streamlined key and certificate access and policy; secured 1.6M SSH keys on 23,000 servers; automated SSH key rotation; continuously monitored for anomalies, orphans and abandoned SSH keys.
SSH keys grant the highest level of access privileges, providing authentication and access for system admins and automated applications. For a major airline, the abuse of SSH key access can have disastrous consequences. This major U.S. airline knew it needed more control of its SSH keys, but had no policies or audit capabilities in place. Lack of visibility made it impossible to track orphaned or abandoned SSH keys. This exposed the airline to potential unauthorized access to critical systems and data.
Using Venafi, the airline has now secured its 1.6 million SSH keys on 23 thousand servers. To keep their SSH keys secure, they conduct continuous monitoring. And because SSH keys never expire on their own, the airline has automated their SSH key rotation.
To maintain control when employees and roles change, the airline integrated Venafi with their Identity and Access Management (IAM) system for easy SSH key removal.
The airline is now confident that their SSH keys are secure and working as they should to protect their systems and data.