Justin McCarthy, Co-founder and CTO of StrongDM, explains how context signals - like device health, location, and time - help organizations make smarter, more secure access decisions. He also highlights the challenge of managing diverse resources across cloud and on-prem systems, and how broad coverage enables a single, consistent approach to authentication, access, and auditing.
Ontech signals give you more opportunities to identify when a particular action is not safe.
And so some of the reasons it may not be safe may be innocuous, but by adding more and more context awareness to a given action, for example, the health of a device, the geography, of origin of a particular action, the time of day or the level of sensitivity of the underlying resource.
By factoring all of these into an authorization decision, whether to approve or deny a particular update or request or change, this is gonna give you more chances to identify when an unexpected or even a malicious workload is responsible for originating that action.
So context and true deep security are absolutely necessary. What Is broad resource coverage? Why is it important each of the resource providers and the vendors that create systems that you could regard as resources?
So for example, a cloud service provider or even a database vendor.
So these systems are responsible for creating the compute and storage environments that our workloads run on.
Those resources don't have a lot of incentive to work together.
So if I have a type of resource that in one case might be compute related, and another case might be, you know, even a traditional database, they don't share a lot in common in terms of, for example, how you authenticate or how you protect them.
They're each sort of different and they each have their own style of authentication.
Then you add cross-cloud and cross-cloud and on-prem diversity, and you have yet again, different stories about how network access happens, how encryption hap happens, and how authentication happens.
Broad resource coverage means we have universal consistent approaches to all of the underlying types, whether it's an object store in a cloud, or whether it's a data center with a traditional database workload in.
By unifying the approach to authenticating into each of those systems, accessing each of those systems from a network perspective, authorizing the actions within those systems and then auditing, we create again that cross cloud, cross environment feeling and experience of uniformity that allows your IM designers and security architects to design once and then run anywhere.
Deciding which resource and protocol to support within StrongDM is the easiest decision ever because it's simply the answer to, is this important to you?
If this is important to your business and is storing sensitive information and there are consequential compute functions that are happening within that resource type.
