In response to its “Year of Access” survey findings, strongDM again raises the bar on modern security by enabling businesses to leverage their preferred identity solution and dynamic policies to maximize technical staff productivity within a Zero Trust framework
Businesses can now manage least-privilege access to their critical infrastructure directly from their identity provider, simplifying access management workflows and accelerating development cycles—all while supporting Zero Trust security for hybrid and multi-cloud environments.
“Moving to a first-class integration with Okta has created a more seamless integration between our centralized identity provider solution and strongDM. The ability to manage users and role assignments in a single centralized location has improved the efficiency of our onboarding process, as well as auditing,” said Al Wiesner, Senior DevOps Engineer at Starburst.
“Enforcing access policies based on tags and attributes gives us more flexibility, too, when it comes to automating resource provisioning.”
While identity providers deliver identity-based access for most web applications, critical infrastructure has been the exception. This gap has put the burden on technical staff to manage disparate workflows, track tickets and approvals, duplicate user and group management structures, and adhere to security policies without violating compliance standards.
But today’s infrastructure diversity and ephemerality have pushed this problem beyond human scale. Businesses need an access management solution that centralizes and standardizes all controls, supports a Zero Trust access model, and allows admins to automate workflows and manage access as code.
With this release, strongDM enables businesses to enforce a powerful set of access rules based on attributes such as tags, resource types, and geographic location. Also known as attribute-based access control, access is granted dynamically to roles and their users every time a resource gets spun up or torn down.
Dynamic access controls dramatically simplify the management of permissions and are particularly compelling for those companies that have embraced the infrastructure-as-code mantra, have lots of resources (especially ephemeral ones), and require the flexibility of an access control system that can adapt in lockstep with the infrastructure.
“By connecting identity management solutions with privileged access controls, businesses are finally able to bring identity and access together in one workflow without sacrificing usability, security, or speed,” said Justin McCarthy, Co-Founder & CTO at strongDM.
”On top of that, because DevOps teams continually strive for greater speed and flexibility, dynamic access controls will help them achieve those objectives, especially as environments become increasingly ephemeral.”
With these integrations, businesses can do the following directly from Okta, Azure AD, and any SCIM-based identity provider:
- Centralize employee access to every resource, regardless of location or protocol, with one control plane.
- Instantly authenticate, grant, and revoke just-in-time and audited access to databases, servers, and Kubernetes.
- Replace VPNs and bastion hosts with a secure Zero Trust network.
- Temporarily approve elevated privileges for sensitive operations.
With dynamic access controls, businesses can do the following:
- Manage a rapidly growing infrastructure that has lots of resources, especially ephemeral ones.
- Grant access based on a resource’s attributes, not the specific physical resource.
- Use human words and simple sentences to create access rules that dynamically change when resources change (i.e., are brought online or go offline).
- Enforce either role- or attribute-based access controls.
- Okta documentation
- Azure AD documentation
- Dynamic Access Rules documentation
- Watch a demo of identity provider integrations
- Watch a demo of dynamic access rules
- How strongDM works
- “2022: The Year of Access” Report
strongDM’s infrastructure access platform provides every organization with easy and secure infrastructure access regardless of tech stack or environment. Visit www.strongdm.com.strongdm.com