Today, we’ll take a look at what just-in-time access (JIT) means and what types there are. You’ll also learn about what a JIT access solution can do for your organization. By the end of this article, you’ll understand how just-in-time access works, the best practices to ensure secured implementation, and how strongDM comes to the rescue.
Posts by Category:
- SOC 2
- Privileged Access Management
- Identity and Access Management
- Role-Based Access Control
- ISO 27001
- Zero Trust
- Secure Access Service Edge
In our last post, we discussed some of the challenges that are inherent to management of SSH keys across your infrastructure as you scale the number of team members and servers. In this post, we will dig into some of your options and the trade-offs that they provide.
Terraform, we are a go for launch on the strongDM provider! We are happy to announce that strongDM has officially launched as a Terraform provider. That means that in one single configuration you can spin up a fleet of servers, import them into strongDM, and provision your users access in a matter of minutes.
There are a number of ways to automate user provisioning but the real challenge lies in keeping track of those credentials.
On an unmodified MySQL install, the root user account does not have a password. This is extremely insecure! As a systems administrator, we know that the easiest way to compromise a system is using the default unchanged password with admin privileges.
Abstract-away usernames and passwords and allow the systems administrator to keep the master passwords safe under lock & key.
Should application developers have access to production database systems? This is a question as old as Vampires and Werewolves.
Gone are the days of sharing AWS root account credentials in a shared 1Password vault or worse, via email. With this in mind, one of the first steps to securing our AWS account is setting up AWS IAM.
It has never been easier for your company to build new infrastructure. In just a few clicks, you can spin up shiny new servers and databases in the cloud and start using them in seconds. However, in the rush to deploy new services so quickly, companies often let information security be an ...
While primarily geared towards developers, PostgreSQL is also designed to help system administrators safely and robustly store information in databases. In this post, we will demonstrate how to install a PostgreSQL database and then configure Active Directory users to authenticate to it.
At Token Security our goal is to teach the core curriculum for modern DevSecOps. Each week we will deep dive with an expert so you walk away with practical advice to apply to your team today. No fluff, no buzzwords. This week Jeff Burkhart, Senior Engineering Director at Zymergen talks code reviews, code review fatigue, and what to do when agile becomes tedious.
If you work with systems that run any variety of Linux or BSD then the probability is high that you have dealt with SSH. Invented in 1995 and established as an internet standard by the IETF in 2006, Secure SHell has become the default mechanism for remote access to servers by individuals and teams everywhere.
Step-by-step instructions on how to create a bastion host plus how to create an audit trail by logging SSH commands.
This episode Max Saltonstall sits down in Manhattan with Quiessence Phillips, Deputy CISO and Head of Threat Management, City of New York and Colin Ahern, Deputy CISO, City of New York.