<img src="https://ws.zoominfo.com/pixel/6169bf9791429100154fc0a2" width="1" height="1" style="display: none;">
Fine-grained Policies. Continuous Auth-Z. Zero Trust. 🔒 Join us for the Policypalooza webinar series!
Search
Close icon
Search bar icon

Reduce Security Risk with StrongDM Device Trust

StrongDM manages and audits access to infrastructure.
  • Role-based, attribute-based, & just-in-time access to infrastructure
  • Connect any person or service to any infrastructure, anywhere
  • Logging like you've never seen

We are thrilled to announce a new feature to our StrongDM® Zero Trust Privileged Access Management (PAM) Platform: Device Trust. This feature amplifies your organization's security posture by employing device posture data from endpoint security leaders CrowdStrike or SentinelOne. 

This ensures that access requests to your critical infrastructure, including databases, clouds, servers, clusters, and web applications, are not granted implicitly but rather granted explicitly after a robust evaluation of the user's device security to protect the target systems. 

What is Device Trust

With Device Trust, the authorization has a two-step affirmation: Trust the user, trust the device, and then grant access and authorization to continue operations. This feature provides a deeper context for every access request by analyzing the risk profile of the device utilized for the request. Organizations can ensure that only those devices that meet their device security and health requirements are allowed to connect for privileged operations. 

With insights from endpoint management solutions, StrongDM ensures that authenticated users are only authorized to gain access when risk falls below a certain threshold.

Key Benefits of Device Posture Trust Assessment

Context-based Access

  • Gain a sharper focus on access by understanding who is accessing, from where, and what device they use. 
  • Utilize risk signals from CrowdStrike or SentinelOne to intelligently decide access based on the device's risk score and location.
  • Policies could also block access to resources if no security evaluation agent is running on the device. 

Continuous Risk-based Assessment

  • Regular evaluation of connection health ensures that your security posture is always at its peak. 
  • In real-time, revoke access automatically if the device risk score lowers beyond a specified threshold, keeping potential threats at bay.
  • Assessment is done with the initial login/access attempt and continues throughout the session, so if risk goes up during the session, access can be blocked. 

Reduce the Attack Surface

  • Minimize the risk of unauthorized access by denying or swiftly revoking access from high-risk devices.
  • Mitigate potential threats efficiently and uphold your organization's security integrity.

Dynamic Security Policy

  • Tailor StrongDM security policies based on endpoint insights regarding device posture, ensuring your operations are optimized according to your unique operational needs. You can implement stricter or more relaxed policies based on the device making the connection, or other attributes.

Why is Device Posture so important for authorization decisions? 

Devices come in all shapes and sizes; some are owned and provided by the agency or enterprise, and some are BYOD property of the user. It is essential in a Zero Trust framework to continuously assess the trustworthiness of all elements in a network, including user devices, as part of enforcing strict access control policies. 

Device posture—continuous, real-time evaluation of the security status of a device—must inform trust assessments to achieve the optimal stage of the CISA Zero Trust Maturity Model. It is crucial in determining whether to grant, deny, or limit access to sensitive systems and data.

User Device Risk Scenarios

Malware Infection:  If a device is infected with malware, viruses, or any other malicious software, it's crucial to immediately block access to prevent potential data breaches or further network infiltration.

Outdated Software: Devices running outdated software or operating systems, especially those with known vulnerabilities, pose a significant risk. Blocking access from such devices until they are updated is a crucial security measure.

Unpatched Systems: If a device hasn't been patched with the latest security updates, it may be vulnerable to exploitation. 

Insecure Configurations: Devices with insecure configurations, such as weak passwords, open ports, or disabled firewalls, can be easy targets for cyber adversaries.

Unauthorized Applications: Devices with unauthorized or blocked applications installed should be restricted from accessing sensitive systems to prevent potential security risks.

Rooted or Jailbroken Devices:  Rooted or jailbroken devices can bypass normal security restrictions; thus, they should be deemed high risk and blocked from accessing sensitive resources.

Absent or Disabled Security Software: A device without active security software like antivirus or anti-malware solutions is more susceptible to security threats.

Non-compliance with Corporate Policies: Devices that do not comply with the organization's security policies, such as those missing encryption or disabled screen locks, should be blocked from accessing sensitive systems.

Lost or Stolen Devices: Access from devices reported as lost or stolen should be immediately blocked to prevent unauthorized access.

Assessing Device Posture is a significant step toward Zero Trust, ensuring that your infrastructure remains resilient against threats. As part of the StrongDM Zero Trust PAM Platform, Device Trust combines user trust, device integrity, and dynamic access, leading to a new era of robust identity security.

We invite you to explore the Device Trust feature and experience firsthand how StrongDM is transforming privileged access.


About the Author

, Chief Product Officer (CPO), spearheads the StrongDM Zero Trust PAM platform. Previously, he was the Senior Director at Google, leading the Zero Trust and Identity and Access Management portfolio for GCP. His career includes executive roles at Netskope, driving its transition from CASB to SASE, and at Riverbed Technology. Amol was also a founding member at Tablus, a pioneer in Data Loss Prevention. To contact Amol, visit him on LinkedIn.

StrongDM logo
💙 this post?
Then get all that StrongDM goodness, right in your inbox.

You May Also Like

What Is Privileged Identity Management (PIM)? 7 Best Practices
What Is Privileged Identity Management (PIM)? 7 Best Practices
Privileged Identity Management (PIM) is a complex cybersecurity approach. But it’s the only proven method you can use to lock down access and protect your precious resources. It can help you keep cybercriminals out and ensure that even your trusted users can’t accidentally—or intentionally—jeopardize your system’s security.
What Is Zero Trust Data Protection?
What Is Zero Trust Data Protection?
Zero Trust Data Protection isn't just the best way to safeguard your data — given today's advanced threat landscape, it's the only way. Assuming inherent trust just because an access request is inside your network is just asking for a breach. By implementing the latest tactics in authentication, network segmentation, encryption, access controls, and continuous monitoring, ZT data security takes the opposite approach.
5 Types of Multi-Factor Authentication (MFA) Explained
5 Types of Multi-Factor Authentication (MFA) Explained
With so many advanced cyber attackers lurking on the threat landscape, a simple password is no longer enough to safeguard your sensitive data. There are many reasons to adopt MFA for your business. It supplements your security by requiring additional information from users upon their access requests—and it significantly reduces your risk of incurring a breach. Several multi-factor authentication methods are available, with varying strengths and weaknesses. Be sure to compare the differences when selecting the best fit for your operations.
Simplify Database Authorization with Policy-Based Action Control
Simplify Database Authorization with Policy-Based Action Control
As enterprises continue to modernize their IT environments, the need for a more advanced and adaptable approach to database authorization becomes increasingly apparent. Traditional models, with their reliance on static roles and broad permissions, are no longer sufficient to meet the demands of decentralized, dynamic infrastructures. StrongDM addresses this gap by offering a solution that emphasizes fine-grained, policy-based action control, enabling organizations to manage database access with the precision and flexibility required in today’s complex business environments.
StrongDM Now Delivers Continuous Authorization for Databases Through Fine-Grained Policy-based Action Control
Access is no longer the primary challenge in enterprise security; it's the actions of users that are most aligned with managing risk. By focusing on how actions are authorized, StrongDM is giving customers a more effective approach to enterprise security. Our policy-based action control ensures that, in addition to access, every user action is scrutinized, delivering a higher level of security tailored to meet the complex demands of modern enterprises.