<img src="https://ws.zoominfo.com/pixel/6169bf9791429100154fc0a2" width="1" height="1" style="display: none;">
strongDM logo

blog

Cloud Infrastructure Security | 3 Costly but Avoidable Mistakes

Cloud Infrastructure Security | 3 Costly but Avoidable Mistakes

The cloud has changed the way we access and secure technical infrastructure, leaving teams lost in a tangle of resources. Thankfully, access doesn’t
What Are the Penalties for Violating HIPAA? (Civil & Criminal)

What Are the Penalties for Violating HIPAA? (Civil & Criminal)

This article breaks down the different HIPAA penalties—including civil and criminal penalties—and the maximum penalties for HIPAA violations. Find
Kubernetes Governance Webinar Recap
Kubernetes Governance Webinar Recap
Is k8s governance a challenge for your team? Join strongDM’s CTO and a panel of experts to discover common pitfalls, plus tools + tricks to help manage them.
NIST vs. ISO: Understanding the Difference
NIST vs. ISO: Understanding the Difference
As a business, you need to have benchmarks to work against in all facets of your work. That's especially true when it comes to cybersecurity. In this area, there are two main groups that offer guidelines: The National Institute of Standards and Technology (NIST) and the International Organization for Standardization (ISO). What's the difference between the two, and which one should you follow? Here's what you need to know.
Just-In-Time Access (JIT): Meaning, Benefits, Types & More
Just-In-Time Access (JIT): Meaning, Benefits, Types & More
Today, we’ll take a look at what just-in-time access (JIT) means and what types there are. You’ll also learn about what a JIT access solution can do for your organization. By the end of this article, you’ll understand how just-in-time access works, the best practices to ensure secured implementation, and how strongDM comes to the rescue.
ISO 27001 Audit: Everything You Need to Know
ISO 27001 Audit: Everything You Need to Know
In this article, we’ll cover everything you need to know about conducting ISO/IEC 27001 audits to receive and maintain your ISO 27001 certification. You’ll learn about ISO 27001 audit requirements, why an ISO 27001 audit is important, how long it takes to conduct audits, and who can conduct audits that prove your company follows up-to-date information security management best practices.
11 Common Authentication Vulnerabilities You Need to Know
11 Common Authentication Vulnerabilities You Need to Know
In this article, we’ll take a look at what authentication vulnerabilities are, how they emerge, and how these issues can affect your organization. Also, you’ll learn about the most common authentication-based vulnerabilities and their implications. By the end of this article, you’ll know the best practices to prevent these authentication issues and keep sensitive data safe.
How to Avert Authentication Bypass Vulnerabilities for Self-hosted Web Infrastructure
How to Avert Authentication Bypass Vulnerabilities for Self-hosted Web Infrastructure
When it comes to self-hosting critical web infrastructure, modern security requires more than simply siloing an appliance to a local network. In this article, we will discuss new methods for authentication bypass vulnerabilities, simplify end-user experiences, and satisfy compliance requirements—without the need for legacy VPN solutions. Here’s how.
ISO 27001 Certification Process: A Definitive Guide
ISO 27001 Certification Process: A Definitive Guide
In this article, you’ll learn about what the ISO 27001 certification process is and how it can be used to lay the foundation for a secure organization. By the end of this article, you’ll have a good understanding of why an ISO 27001 certification is a signal of an organization’s commitment to data protection and risk mitigation.
ISO 27001 vs. 27002 vs. 27003: What’s the Difference?
ISO 27001 vs. 27002 vs. 27003: What’s the Difference?
Organizations around the world rely on the standards set in the ISO 27000 series for information security management best practices. In this article, we’ll compare the first three standards in the ISO/IEC 27000 family: ISO 27001 vs. 27002 vs. 27003. By the end, you’ll have a better understanding of what each standard covers, how they differ from one another, and when to use them.
ISO 27001 Checklist: Easy-to-Follow Implementation Guide
ISO 27001 Checklist: Easy-to-Follow Implementation Guide
In this article, we’ll walk you through the ISO 27001 checklist you’ll use en route to your cybersecurity certification. From assigning roles to implementing controls, assessing risks, and documenting your processes for future audits, you can use the ISO 27001 compliance checklist to ensure you’re on the right track for your official audit.
StrongDM app UI showing available infrastructure resources
Connect your first server or database in 5 minutes. No kidding.