<img src="https://ws.zoominfo.com/pixel/6169bf9791429100154fc0a2" width="1" height="1" style="display: none;">

Curious about how StrongDM works? 🤔 Learn more here!

Close icon
Search bar icon

Reduce Security Risk with StrongDM Device Trust

StrongDM manages and audits access to infrastructure.
  • Role-based, attribute-based, & just-in-time access to infrastructure
  • Connect any person or service to any infrastructure, anywhere
  • Logging like you've never seen

We are thrilled to announce a new feature to our StrongDM® Dynamic Access Management (DAM) platform: Device Trust. This feature amplifies your organization's security posture by employing device posture data from endpoint security leaders CrowdStrike or SentinelOne. 

This ensures that access requests to your critical infrastructure, including databases, clouds, servers, clusters, and web applications, are not granted implicitly but rather granted explicitly after a robust evaluation of the user's device security to protect the target systems. 

What is Device Trust

With Device Trust, the authorization has a two-step affirmation: Trust the user, trust the device, and then grant access and authorization to continue operations. This feature provides a deeper context for every access request by analyzing the risk profile of the device utilized for the request. Organizations can ensure that only those devices that meet their device security and health requirements are allowed to connect for privileged operations. 

With insights from endpoint management solutions, StrongDM ensures that authenticated users are only authorized to gain access when risk falls below a certain threshold.

Key Benefits of Device Posture Trust Assessment

Context-based Access

  • Gain a sharper focus on access by understanding who is accessing, from where, and what device they use. 
  • Utilize risk signals from CrowdStrike or SentinelOne to intelligently decide access based on the device's risk score and location.
  • Policies could also block access to resources if no security evaluation agent is running on the device. 

Continuous Risk-based Assessment

  • Regular evaluation of connection health ensures that your security posture is always at its peak. 
  • In real-time, revoke access automatically if the device risk score lowers beyond a specified threshold, keeping potential threats at bay.
  • Assessment is done with the initial login/access attempt and continues throughout the session, so if risk goes up during the session, access can be blocked. 

Reduce the Attack Surface

  • Minimize the risk of unauthorized access by denying or swiftly revoking access from high-risk devices.
  • Mitigate potential threats efficiently and uphold your organization's security integrity.

Dynamic Security Policy

  • Tailor StrongDM security policies based on endpoint insights regarding device posture, ensuring your operations are optimized according to your unique operational needs. You can implement stricter or more relaxed policies based on the device making the connection, or other attributes.

Why is Device Posture so important for authorization decisions? 

Devices come in all shapes and sizes; some are owned and provided by the agency or enterprise, and some are BYOD property of the user. It is essential in a Zero Trust framework to continuously assess the trustworthiness of all elements in a network, including user devices, as part of enforcing strict access control policies. 

Device posture—continuous, real-time evaluation of the security status of a device—must inform trust assessments to achieve the optimal stage of the CISA Zero Trust Maturity Model. It is crucial in determining whether to grant, deny, or limit access to sensitive systems and data.

User Device Risk Scenarios

Malware Infection:  If a device is infected with malware, viruses, or any other malicious software, it's crucial to immediately block access to prevent potential data breaches or further network infiltration.

Outdated Software: Devices running outdated software or operating systems, especially those with known vulnerabilities, pose a significant risk. Blocking access from such devices until they are updated is a crucial security measure.

Unpatched Systems: If a device hasn't been patched with the latest security updates, it may be vulnerable to exploitation. 

Insecure Configurations: Devices with insecure configurations, such as weak passwords, open ports, or disabled firewalls, can be easy targets for cyber adversaries.

Unauthorized Applications: Devices with unauthorized or blocked applications installed should be restricted from accessing sensitive systems to prevent potential security risks.

Rooted or Jailbroken Devices:  Rooted or jailbroken devices can bypass normal security restrictions; thus, they should be deemed high risk and blocked from accessing sensitive resources.

Absent or Disabled Security Software: A device without active security software like antivirus or anti-malware solutions is more susceptible to security threats.

Non-compliance with Corporate Policies: Devices that do not comply with the organization's security policies, such as those missing encryption or disabled screen locks, should be blocked from accessing sensitive systems.

Lost or Stolen Devices: Access from devices reported as lost or stolen should be immediately blocked to prevent unauthorized access.

Assessing Device Posture is a significant step toward Zero Trust, ensuring that your infrastructure remains resilient against threats. As part of the StrongDM Dynamic Access Management Platform, Device Trust combines user trust, device integrity, and dynamic access, leading to a new era of robust identity security.

We invite you to explore the Device Trust feature and experience firsthand how StrongDM is transforming privileged access.

About the Author

, Chief Product Officer (CPO), spearheads the StrongDM Dynamic Access Management platform. Previously, he was the Senior Director at Google, leading the Zero Trust and Identity and Access Management portfolio for GCP. His career includes executive roles at Netskope, driving its transition from CASB to SASE, and at Riverbed Technology. Amol was also a founding member at Tablus, a pioneer in Data Loss Prevention. To contact Amol, visit him on LinkedIn.

StrongDM logo
💙 this post?
Then get all that StrongDM goodness, right in your inbox.

You May Also Like

Top 9 Zero Trust Security Solutions
Top 9 Zero Trust Security Solutions in 2024
Zero trust is a security and authentication model that eliminates the assumption of trust and shifts the focus from a traditional security parameter, like a VPN or firewall, to the individual user. Nearly all (92 percent) cybersecurity professionals agree that it’s the best network security approach that exists. In this article, we’ll evaluate the top nine zero trust solutions and help you decide which is right for your organization.
StrongDM vs. AWS SSM Session Manager: Side-by-Side Comparison
StrongDM vs. AWS SSM Session Manager: Side-by-Side Comparison
Both AWS Systems Manager (SSM) Session Manager and StrongDM are solutions for gaining remote access to critical infrastructure. Yet, while they share some of the same capabilities required of an enterprise access management platform, the execution and the ultimate goals they accomplish for security and compliance teams are very different.
Unauthorized Access: 5 New Methods and 10 Ways to Block Them
Unauthorized Access: Types, Examples & Prevention
Unauthorized access—the unauthorized entry or use of an organization's systems, networks, or data by individuals without permission—is a common way for bad actors to exfiltrate data, inject malicious code, and take advantage of all types of breaches, and can have severe consequences for an enterprise and its customers.
Financial Services Cybersecurity Guide: Risks & Solutions
Financial Services Cybersecurity Guide: Risks & Solutions
Financial services companies handle a vast amount of sensitive data, including the personal and financial information of their customers. This makes them a prime target for hackers and cybercriminals who want to steal that data. Hackers are constantly finding new ways to break through the walls of enterprise environments. If successful, they can cause serious problems like identity theft or fake transactions, impacting individuals and companies financially.
13 Password Management Best Practices
13 Password Management Best Practices to Know in 2024
Weak passwords are the third most common attack vector for malicious actors — and often the most difficult for enterprises to control since individual employees typically choose their own passwords. Effectively managing passwords is critical in safeguarding your organization’s assets, maintaining regulatory compliance, and minimizing security risks. In this article, we’ll share 13 password management best practices that will help you keep your systems and data safe from password-related attacks.