Securing sensitive company data starts with limiting who can access that data, and adopting a zero standing privileges security approach is a great way to control access. In this article, we’ll discuss what zero standing privileges (ZSP) are, how standing privileges are created, and how just-in-time access makes a ZSP model feasible. We’ll explore the risks that accompany standing privileges, the benefits of a zero standing privilege philosophy, and best practices to follow when adopting a ZSP
Posts by Category:
- SOC 2
- Privileged Access Management
- Identity and Access Management
- Zero Trust
- ISO 27001
- Role-Based Access Control
- Secure Access Service Edge
In this article, we’ll compare the top IAM solutions: StrongDM, CyberArk Identity, Okta, BeyondTrust, ManageEngine AD360, Saviynt, and Twingate. We’ll explore what business needs identity and access management solutions address, and review the pros and cons of each. By the end of this article, you’ll know how to choose the right IAM solution for your organization.
Cloud data protection is an increasingly popular element in an organization’s security strategy. In this article, we’ll explore what cloud data protection is, why it’s important, and the best practices to follow when migrating to the cloud. By the end of this article, you’ll understand the benefits and challenges of adopting a data security strategy for cloud environments.
In this article, we’ll cover the 14 specific categories of the ISO 27001 Annex A controls. You'll learn how to decide which ISO 27001 framework controls to implement and who should be involved in the implementation process. By the end of this article, you'll have a basic understanding of ISO 27001 Annex A controls and how to implement them in your organization.
In this article, we’ll explore the basics of NIST 800-53 compliance and cover the complete list of NIST 800-53 control families. We’ll also provide a 5-step NIST 800-53 checklist and share some implementation tips. By the end of the article, you’ll know how organizations can use the NIST 800-53 framework to develop secure, resilient information systems and maintain regulatory compliance.
It is no surprise that President Joe Biden issued a Zero Trust executive order to protect federal government networks. On May 12, 2021, recognizing the dire situation, Executive Order (EO) 14028 was issued, focusing on protecting the U.S. from cybercriminals and cyberattacks. EO 14028 specifically recommends Zero Trust Architecture as necessary to defend the nation against threat actors. This post provides a summary of Executive Order 14028.
In this article, we’ll define centralized identity management and explain the difference between centralized and decentralized identity management models. We’ll explore what centralized access control is, how it works, and how centralized access management handles provisioning, authentication, and authorization. By the end of the article, you’ll know how to choose between centralized account management and decentralized models to prevent cybercrime and streamline provisioning workflows.
StrongDM integrates with your favorite cloud secrets manager to provide an end-to-end version of remote access for more than just privileged accounts.
At StrongDM, living out our People-First values through volunteer work is a huge part of our culture.
Saviynt is a popular identity and access management solution (IAM), but it may not be the best choice for every organization. In this article, we’ll explore powerful alternatives to Saviynt for companies with cloud-first IT infrastructure. By the end of this article, you’ll know whether Saviynt or one of these Saviynt competitors is the right fit for you.
In this article, we’ll explain the concept of automated provisioning and how it's used in identity and access management. You'll learn about the importance of automated provisioning in an organization's IT management and its benefits to businesses and system administrators. By the end of this article, you'll have a deep understanding of automated provisioning and how it works.
In this article, we will look at three important types of access control in security. You’ll learn about the different types of access control, how they work, and their pros and cons. By the end of this article, you’ll understand what type of access control will work best for your organization and meet your security needs.