Blog

Chris Becker
Site Reliability Engineer Betterment

How to Change the MySQL root Password

April 3, 2020

MySQL is an open-source relational database, made famous by its ease-of-use and simple setup on modern Linux and Windows operating systems. On an unmodified MySQL install, the root user account does not have a password. This is extremely insecure! As a systems administrator, we know that the easiest way to compromise a system is using the default unchanged password with

Read more
Chris Becker
Site Reliability Engineer Betterment

Managing Access to Ephemeral Infrastructure At Scale

April 3, 2020

Managing a static fleet of strongDM servers is dead simple. You create the server in the strongDM console, place the public key file on the box, and it’s done! This scales really well for small deployments, but as your fleet grows, the burden of manual tasks grows with it. With the advent of automated scaling solutions for our cloud environment

Read more
Chris Becker
Site Reliability Engineer Betterment

Creating a User in MongoDB

February 14, 2020

MongoDB is a document-oriented cross-platform database that makes storing and retrieving complex data easy and fast. It uses a JSON-like structure for the documents, which is familiar to anyone working with modern applications. Adding a New User MongoDB provides an internal method, db.createUser(), that is used for making new users in the system. Unlike traditional SQL databases, MongoDB users are

Read more

SSH Audits Made Simple

February 3, 2020

If you work with systems that run any variety of Linux or BSD then the probability is high that you have dealt with SSH. Invented in 1995 and established as an internet standard by the IETF in 2006, Secure Shell has become the default mechanism for remote access to servers by individuals and teams everywhere. SSH Authentication Authenticating yourself to

Read more

What Would My SOC 2 Dashboard Look Like?

October 25, 2019

As your organization pursues your SOC 2 certification, organization is critical.  You will be busy actively managing dozens of ongoing daily tasks, which can bury you in minutiae.  But at the same time, you need to keep your high-level compliance goals in focus in order to successfully move your certification over the finish line.  In this post, we will look

Read more
Brian Johnson
Security Engineer 7 Minute Security

Everything You Need to Know About SOC 2 Audits

October 22, 2019

Whether you’re looking to achieve SOC 2 compliance, or just want to learn more about it, your Googling is bound to lead you to a wealth of articles chock full of buzzwords and acronym soup. In this post, we will provide a guide with definitions, links and resources to gain a solid understanding of everything you need to know about

Read more
Brian Johnson
Security Engineer 7 Minute Security

The Definitive Guide to SOC 2 Policy Frameworks

October 17, 2019

If this is your first time pursuing SOC 2 certification, you will quickly find that documentation is the cornerstone of a successful audit.  Writing clear, concise policies is especially critical, and if you don’t currently have a policy structure in place, it can be difficult to figure out which policies you need.  In this post, we will help you get

Read more
Peter Tormey
Contributor

A Practical Approach to Just-in-Time Access for Developers

October 15, 2019

You're the DBA or maybe the Sysadmin at your company. Whatever your title, you’re the gatekeeper, and the key master for your company's database servers. You stay awake at night wondering if you’ve done everything you can to safeguard your database systems. But all those application developers need, errr want, access to production databases and servers. Whether it's relational databases

Read more
Chris Becker
Site Reliability Engineer Betterment

strongDM for Admins— Getting Started

October 10, 2019

You’ve done it— you’ve taken the plunge. You’re ready to move away from complicated user management like LDAP, ready to stop worrying about private keys existing on developer laptops, and ready to up your compliance game with audit trails all of your SSH and database sessions. You’re ready to move forward and implement strongDM in you infrastructure. Lucky for you,

Read more