
The Access Management Bill of Rights


I'm continuously shocked by how poorly the PAM industry has treated customers to date. Shame on CyberArk, Delinea, and all the rest of you for persisting with such predatory models.

  • The business model is "squeeze the blood out of them, then squeeze harder."
  • The deployment model is "you'll never stop paying our Professional Services fees if you ever want a deployment."
  • The support model is "you'll pay maintenance forever because you can't keep this stuff alive without us, much less upgrade it."
  • The adoption model is "it's supposed to be painful, you'll get used to it."

The world deserves better. YOU deserve better. 

Here's my bill of rights for admins and privileged users:

  1. You have the right to a product that covers your entire infrastructure, not just the 4 things your PAM or secret store decided are enough.
  2. You have the right to streamlined, simple deployment without the need for professional services.
  3. You have the right not to fear but to embrace your PAM partner, because they actually care about solving your problems and not the balance in your bank account.
  4. You have the right to say "YES!" because anyone can use the technology to do their job without suffering.
  5. You have the right to get time back because automation, cloud-native concepts, and resiliency were design principles from day one.
  6. You have the right to full visibility of activities, and should have the option to connect it all to your monitoring tools so that you have the security awareness to react to events and make good decisions.
  7. You have a right to simply and easily produce access-related evidence for audits and investigations.
  8. As a privileged user, you have a right to securely and easily connect to the infrastructure needed to do your job using your preferred tools or methods.
  9. You have a right to easily add new technologies to your stack, knowing that it will not take weeks or months of work to be added to your privileged access management tool.
  10. You have the right to be confident that all access tied to a specific user has been deprovisioned when they change teams or get a new role.
  11. You have the right to easily request access to the tools you need, and have those requests approved and provisioned, or declined, within a reasonable timeframe, not days or weeks.
  12. You have the right to an easily-managed identity lifecycle across your infrastructure, supported by open standards such as SCIM, OIDC, and SAML, so you can meet compliance requirements.

You deserve better than the solutions provided by PAM providers. And this bill of rights is the starting point for demanding it.

Your PAM shouldn't scare you and your users to death. Make a change—StrongDM is the Zero Trust PAM platform (a better, more modern and flexible PAM) that puts you back in control of your business. Our G2 customer reviews can't be beat!


About the Author

, Chief Executive Officer (CEO), before joining StrongDM, Tim founded Evident.io—the first real-time API-based cloud security platform. In 2018, Palo Alto Networks (PANW) acquired Evident.io, and Tim joined the executive team at PANW. As the first Chief Cloud Officer, Tim helped outline GTM and product strategy with the C-suite for the cloud business. Tim also served as the principal architect for Adobe's Cloud Team, designing and scaling elastic AWS infrastructure to spark digital transformation across the industry. Tim’s love for innovation drives his interest as an investor in true market disrupters. He enjoys mentoring startup founders and serving as an advisor.
