StrongDM, now part of Delinea, simplifies authorization and access management across cloud, on-premises, and hybrid environments. In this video Justin McCarthy, Co-Founder and CTO, explains how StrongDM tackles over-provisioned access by delivering the right-sized authorization exactly when needed, for databases or critical system actions.
StrongDM helps with overprovision scenarios, trying to get you closer to that right size level of access and authorization by establishing a universal approach to authorization that really works across cloud, across on-prem, uh, and, uh, hybrid situations.
And gives you a way of identifying and then configuring exactly, and in many cases, just in time, exactly that right level of authorization to perform a given action.
A pretty common example of this exists in databases where it might be very common to read information, but it might be written only occasionally.
In those scenarios, the standing or even frequent level of access might restrict a given connection to be able to read some records.
But then the moment you need to escalate to perform an update, uh, then you're gonna be able to subject that action to authorization, including multi-party authorization, obviously, capabilities like MFA, and that's going to help to tailor the profile of that user or that workload or that group to something that's much more appropriate to the way the workload is actually happening, while limiting the amount of time that high level of privilege exists out there in the wild.
So, oftentimes the before state is a story for n different system types, we have n different approaches to authorization.
Okay? And so this might mean one regime that's responsible for some on-prem workloads, one regime that's responsible for, let's say something in AWS, and yet another regime that's responsible for some workloads in Azure.
We would hope that some of the existing IDP and identity tools and governance tools would provide sufficient, coordination to create that unified authorization environment.
But the reality is many of those tools sort of end at the role or group granularity.
Now it's absolutely necessary to go much, much further than that when you're talking about right sizing, specifically these highest privileged roles.
So for these highest privileged action actions in the system, you need to make sure that those actions are taken with additional constraints related to the device, that those actions are being taken by the MFA status of the authentication, and even the workflow sufficiency and completion of, for example, a multi-party authorization.
That's the level of precision that we tend to get into while also creating that uniformity so that, for example, appealing for access regardless of what cloud, goes through the same workflow and then receiving that access.
And then the actions that a user or workload takes are then auditable again in a universal way across any resource type in any of the cloud or non-cloud environments.
