<img src="https://ws.zoominfo.com/pixel/6169bf9791429100154fc0a2" width="1" height="1" style="display: none;">

We're blowing the whistle on Legacy PAM 🏀 Join us for an Access Madness Webinar on March 28

Search
Close icon
Search bar icon

‘As Code’ in the Wild: How This FinTech Embraced Zero-Friction Infrastructure Access

StrongDM’s CTO and co-founder, Justin McCarthy, sat down with Drew Blas, Director of Internal Engineering at Betterment, to discuss sources of friction in infrastructure access and how automating access and auditing has helped enable Betterment expand its teams, move to Kubernetes, and explore multi-cloud environments.

"You need a truly flexible system that is resilient in the face of ... complexity. Having something that already has the features before you need them really changes the equation."
— Drew Blas, Director of Internal Engineering at Betterment

Creating Flexibility in Diverse Environments

Betterment has a diverse technical environment, with over 200 engineers supporting three independent product lines—each with a different customer base.

This diversity introduces a variety of challenges that are inherent to heterogeneous environments:

  1. Building a separate access model for every system in a diverse environment is cumbersome.
  2. Providing consistent access, while allowing teams to optimize for the problem they’re trying to solve, requires flexibility.
  3. Operators on the backend must maintain network performance, reliability, and security as teams introduce complexity.

Betterment needed to empower its individual local teams to solve the problems that they were facing, which meant flexibility was critical. This was part of the reason the company chose to partner with StrongDM—it provided flexibility while enabling operators on the backend to maintain the performance, security, and reliability that the company needed.

Networking in Multi-Cloud

Drew and Justin moved on to discuss the networking layer, taking a closer look at how systems connect to each other and how people connect to those systems.

Biggest takeaways:

  • Connecting to multiple systems on different networks, with numerous accounts, and several isolated environments is complicated.
  • End users don’t want to spend time figuring out how to access the systems they need; they simply want to connect.
  • Even working with the cloud, you can still end up with multiple accounts and a lot of isolated environments.

End users know the database or server they want to connect to, but they shouldn’t have to spend time figuring out how to access the system. They need to be able to connect without worrying about access.

Auditing & Compliance

The nature of FinTech is that audit requests can come up at any time. Drew commented, “Security, compliance, and auditability [are] a mandate [for] all of our systems—that’s not negotiable. But it can’t be a bottleneck through which we start to refuse our employees the ability to do the job that they need to do.”

Scoping can be a major challenge here. Systems can easily fall outside of their standard compliance practices and slip through the cracks if not properly managed. Auditing helps to reveal those gaps that can otherwise go unnoticed.

Now, everything goes through StrongDM and everything has an audit log. Betterment’s confidence level with auditors has gone way up, and they’ve been spared “a ton of last-minute heartache and ‘gotchas’.”

Miss the webinar? It’s on-demand!

To check out the full webinar, it’s available on-demand.

webinar screenshot

If you’re looking to simplify access in your own diverse environment, you can try a 14 day free trial of StrongDM today.


About the Author

, Chairman of the Board, began working with startups as one of the first employees at Cross Commerce Media. Since then, he has worked at the venture capital firms DFJ Gotham and High Peaks Venture Partners. He is also the host of Founders@Fail and author of Inc.com's "Failing Forward" column, where he interviews veteran entrepreneurs about the bumps, bruises, and reality of life in the startup trenches. His leadership philosophy: be humble enough to realize you don’t know everything and curious enough to want to learn more. He holds a B.A. and M.B.A. from Columbia University. To contact Schuyler, visit him on LinkedIn.

StrongDM logo
💙 this post?
Then get all that StrongDM goodness, right in your inbox.

You May Also Like

Have You Nailed Zero Trust (Webinar)
Have You Nailed Zero Trust?
Recipe for Zero Trust is just 7 ingredients. Where does it go wrong? Why is it so hard to nail? This webinar breaks it down in simple steps.
Cloud Infrastructure Security: Meaning, Best Practices & More
Cloud Infrastructure Security: Meaning, Best Practices & More
In this article, we will broadly examine ‌cloud infrastructure security and explain how a strong cloud security posture benefits organizations. You’ll learn what the top three most costly cloud infrastructure security mistakes are and how to avoid them. By the end of this article, you’ll have a clearer understanding of how cloud infrastructure security works, why it is important, and how to secure cloud infrastructure in order to protect critical IT assets, sensitive data, and intellectual property.
Enterprise Kubernetes
Kubernetes in the Enterprise Webinar Recap
Join strongDM CTO Justin McCarthy and a panel of experts as they discuss the challenges, complexities, and best practices of enterprise k8s adoption.
Kubernetes Governance
Kubernetes Governance Webinar Recap
Is k8s governance a challenge for your team? Join strongDM’s CTO and a panel of experts to discover common pitfalls, plus tools + tricks to help manage them.
Cloud-Native Data Protection Panel Recap