<img src="https://ws.zoominfo.com/pixel/6169bf9791429100154fc0a2" width="1" height="1" style="display: none;">
blog /
Managing Access to Ephemeral Infrastructure At Scale

Managing Access to Ephemeral Infrastructure At Scale

Managing a static fleet of strongDM servers is dead simple. You create the server in the strongDM console, place the public key file on the box, and it’s done! This scales really well for small deployments, but as your fleet grows, the burden of manual tasks grows with it.
All Offboard! The 2022 Tech Staff Offboarding Checklist

All Offboard! The 2022 Tech Staff Offboarding Checklist

Offboarding technical employees can be a complex and arduous process with a lot of moving parts. The key to successful offboarding is to have a clear understanding of what needs to be done, who does it, and how to monitor for any shenanigans from former employees.
How We Automate User Provisioning & Keep Track of Credentials

How We Automate User Provisioning & Keep Track of Credentials

There are a number of ways to automate user provisioning but the real challenge lies in keeping track of those credentials.
What Would My SOC 2 Dashboard Look Like?

What Would My SOC 2 Dashboard Look Like?

As your organization pursues your SOC 2 certification, organization is critical. ‍You will be busy actively managing dozens of ongoing daily tasks, which can bury you in minutiae. But at the same time, you need to keep your high-level compliance goals in focus in order to successfully move your certification over the finish line.
A Definitive Guide to SOC 2 Policies

A Definitive Guide to SOC 2 Policies

In this post, we will help you get started with a hierarchy to follow, as well as a summary of each individual SOC 2 policy.
Software Development Life Cycle (SDLC) Policy

Software Development Life Cycle (SDLC) Policy

A software development lifecycle (SDLC) policy helps your company not suffer a similar fate by ensuring software goes through a testing process, is built as securely as possible, and that all development work is compliant as it relates to any regulatory guidelines and business needs.‍Here are some primary topics your software development lifecycle policy and software development methodology should cover
Physical Facility Access Policy Best Practices

Physical Facility Access Policy Best Practices

In this policy, you will define the controls, monitoring, and removal of physical access to your company’s facilities.
BYOD Policy | Best Practices to Help Keep Your Network Secure

BYOD Policy | Best Practices to Help Keep Your Network Secure

Bring your own device, can be tricky to regulate. At a minimum, your BYOD policy should define certain requirements to help secure your network.
How Betterment Secures Server Access - Automate the Boring Stuff

How Betterment Secures Server Access - Automate the Boring Stuff

Chris Becker is an SRE at Betterment. Previously, he did similar work on Warby Parker's Infrastructure team. At Betterment, he earned the label APT (advanced persistent threat) thanks to consistently tripping alarms with his peculiar scripts and commands. In this talk, he discusses how Betterment's approach to server access controls evolved as the team grew exponentially. With more people and keys to manage, the SRE team needed to find ways to automate more and reduce the maintenance overhead.
SOC 2 Terminology Glossary

SOC 2 Terminology Glossary

SOC 2 compliance, like so many things related to IT and security, is chock full of terms and acronyms to learn. If you are just getting started with SOC 2, it’s helpful to get familiar with this alphabet soup ahead of time so you can move your compliance efforts forward with confidence. Below is a SOC 2 terminology glossary to get you started:
9 Tips for an Effective Security Incident Response Policy (SIRP)

9 Tips for an Effective Security Incident Response Policy (SIRP)

Important core concepts within the SIRP so that you understand the purpose of this policy before writing your own.
How to Create a Bastion Host | Part 1 of a Step-by-step Tutorial

How to Create a Bastion Host | Part 1 of a Step-by-step Tutorial

Step-by-step instructions on how to create a bastion host plus how to create an audit trail by logging SSH commands.
Daniel Leslie Director of Security Intelligence & IT Operations at Namely on the Human Side of Security

Daniel Leslie Director of Security Intelligence & IT Operations at Namely on the Human Side of Security

This week we are joined by Daniel Leslie at Namely who shares his take on the human side of security, and what security at scale looks like for his team. Max, Justin, and Daniel discuss the 3 core things to good company-wide security: psychological safety, vulnerability, and purpose. You have to address these things in a comprehensive manner.
What is Data Center Security & 4 Ways to Improve

What is Data Center Security & 4 Ways to Improve

Data center security refers to the protection of data centers against threats such as cyber-attacks, natural disasters, and human error. The number of data centers has increased significantly over the last decade, and so has the amount of security-related disasters. In 2022, the global data center ...
Infrastructure access app UI
Connect your first server or database in 5 minutes. No kidding.