The common element in all these data breaches is access control. As one security expert noted from the MyFitnessPal breach, “trust but verify” isn’t enough when data is stored in the cloud and accessed from locations outside a company’s secured internal network. The infrastructure access security gap has only expanded with the rise of remote work and increased numbers of connected systems.
Posts by Category:
- Security
- Access
- Auditing
- Policy
- Privileged Access Management
- SOC 2
- Zero Trust
- DevOps
- Compliance
- Authentication
- Identity and Access Management
- Databases
- Compare
- Team
- Product
- Integrations
- AWS
- Podcasts
- Productivity
- Kubernetes
- SSH
- ISO 27001
- Dynamic Access Management
- Engineering
- HIPAA
- Observability
- Role-Based Access Control
- Secure Access Service Edge
- Webinars
- Events
- NIST
- Onboarding
- Passwordless
- Offsites
- Platform
- PCI
With the release of tighter integrations with Okta and Azure AD (or any SCIM-based directory service for that matter), you now have the ability to manage just-in-time, least-privilege access to your critical infrastructure right from your preferred identity provider (IdP), dramatically reducing the time needed to approve requests and grant access.
Abdul Siddiqui, Customer Success Manager at strongDM, tells us about a trip to Pakistan and the door-opening power of judicious quiet.
The way companies look at infrastructure access is changing. With so many data sources and types of information, ever-changing regulatory requirements, and the need to scale up or down quickly, even the terms we use to describe infrastructure have changed.To help you keep up with it all, this glossary contains definitions for infrastructure access terms you’ll hear as you work to manage access for your organization.
strongDM asked 600 DevOps pros about the state of infrastructure access today. Their response? It’s out of control. Here’s an overview of our results.
Database sprawl is a lot like expanding into the suburbs: your house may be empty at first, but before you know it, you’re having to stuff things into your attic.
Managing a static fleet of strongDM servers is dead simple. You create the server in the strongDM console, place the public key file on the box, and it’s done! This scales really well for small deployments, but as your fleet grows, the burden of manual tasks grows with it.
During a featured session at this year’s DevOps Experience, Olive AI CloudOps Engineer Kellen Anker spoke with Justin McCarthy, strongDM CTO & Co-founder, about his company’s journey towards achieving one-click onboarding access and the resulting radical improvements in workforce efficiencies.
This article presents an overview of RBAC vs. ABAC, plus several additional models of access control, including PBAC, ACL, and DAC. You will learn what these methods are, how they differ from each other, and the pros and cons of each.
In this article, we will take a comprehensive look at software-defined networking (SDN). You’ll learn what it is, how it works, and what its benefits and disadvantages are. You’ll also learn how SDN compares to and works with other types of networks and get answers to common questions.
In this article, we’ll review the basics of microsegmentation and discuss it in context with other network security models and practices, including Zero Trust, software-defined networking, and network segmentation. You’ll learn about the benefits of microsegmentation, how it works, challenges for implementation, and best practices.
Data breaches are a perpetual risk for modern organizations — and the wider your attack surface, the higher your organization’s risk of a breach. In this article, we will take a high-level look at what your attack surface is, what vectors and endpoints may be at risk, and how to analyze your attack surface.