eBooks

SecureIT is continually reviewing trends, examining technologies and engaging in standards development in cyber security, information assurance, audit, and regulatory compliance. Those efforts, combined with our first hand experience solving our customers’ problems, yield whitepapers and reports that offer insights, guidance and best practice. We hope that you find them useful.

Managing SSH Keys and Associations

The Secured Shell (SSH) service is widely deployed to provide secured connectivity between systems. In other words, SSH is the secured alternative for telnet or ftp services, which are clear text and could expose user credentials and sensitive network traffic to eavesdroppers. SSH provides an encrypted tunnel through which users can enter commands, transfer files, or even use an X Windows graphical users interface.

For many years, auditors have been advocating wide deployment of SSH as a costeffective solution to the security problem of clear text network transports. OpenSSH is the most commonly deployed implementation of the SSH protocol. The price is right – it’s free – and it does not require the complexities of a Public Key Infrastructure (PKI) for generating keys. However, many organizations that have large OpenSSH deployments have found that SSH can introduce new security problems that can be as significant as the problem of clear text transmissions.

Written by Greg Kent, SecureIT Vice President,  our three part SSH eBook series provides a comprehensive discussion of the risks, solutions and preventive measures that can improve the security and success of your SSH deployment.

Part 1: Background and Risks

SSH BandR v2

 

 

 

 

Part 2: Risk Management & Solutions

SSH-RMS

 

 

 

 

Part 3: Policy and Prevention

SSH-PandP v2

 

 

 

 

12 Secrets to SOC 2 Success

Attaining SOC 2 compliance is a common requirement for service organizations to attract mid-sized and large commercial customers. Many software service providers first try to obtain SOC 2 compliance through internal initiatives.

Unfortunately, SecureIT has found that most organizations seeking first time SOC 2 compliance underestimate the scope of the challenges they face and overestimate the ability of their IT organization to implement the controls and process changes needed.

This eBook shares insights that we have gained from providing guidance and hands-on assistance to enable dozens of organizations to achieve and sustain SOC 2 compliance on their first attempt.  Read it now.

Transforming IT Audit for Cloud Computing 

Access proven best practices and valuable insights from industry leaders that will propel success with your cloud audit.  The eBook is a must read for increasing IT Audit’s success in planning, executing, and monitoring cloud audit initiatives.

cloud_audit_ebook

 

 

 

 

 

 

 

 

FedRAMP Advisory Services

Download FedRAMP Advisory Services Datasheet 

Advisory Services

 

FedRAMP Expertise and Manpower for CSPs 

Discover how SecureIT’s FedRAMP Advisory Services help you achieve authorization on the first try

Learn More

Download Capabilities Datasheet

Trusted provider of Security Solutions

Learn more about our approach to Holistic Cybersecurity

Download FedRAMP 3PAO Datasheet 
FedRAMP
Accredited FedRAMP 3PAO

Learn why cloud service providers of all sizes choose SecureIT as their 3PAO

Download SOC 2 Compliance Datasheet

secureit soc 2 DS

 

Download Penetration Testing Datasheet 

Penetration Testing

Download IT Audit Services

Download Now