In this video, Justin McCarthy, Co-founder and CTO of StrongDM, explores how enterprises can prevent unauthorized or malicious actions by right-sizing access and authorization across their workflows. He identifies high-consequence actions and implements just-in-time authorization steps that are easy to follow but crucial to protecting sensitive operations.
So to prevent those negative actions from happening in the first place, you're going to begin by identifying what high-consequence actions exist in your enterprise, and then writing policies to attach those high-consequence actions to workflow steps that are easy to complete but still must be completed.
So for example, you might be releasing some sort of code to a production environment, and you add a very simple step to verify that authorization just in time, at the moment that it's happening, by more than just the person who's initiating the action.
This is something that in principle, we've all wanted to do.
However, the tooling to make that convenient and make that practical has not existed in the past.
So this is something that, you know, in 2024 and beyond, we can aspire to being able to implement those authorizations at the moment and at the level of detail that's appropriate to that action.
And that's what's gonna give you the assurance that a high-consequence action isn't going to be unintentionally or intentionally, but maliciously invoked without your knowledge.
Really, anytime you dig into a particular work group or a workload or a process, really anywhere in the enterprise, you're gonna encounter multiple levels of answer to the question, do we have enough protection?
Do we have enough authorization? Do we have the right roles?
The initial answer is going to be yes, but when you persist and you ask, well, is this role really right sized for that user or that use case for that app, inevitably, and this is cascading throughout the enterprise, the answer is gonna be you're most likely over-provisioned.
You've over-provisioned access.
And if you think about the asymmetry between over-provisioning and under-provisioning, if you were under-provisioning access, your applications wouldn't work and your employees wouldn't work, right?
They would sit at their desk and they would twiddle their thumbs because they could not do anything.
So it must be the case that you are either just right or over-provisioned. Just right is really hard to do.
And so the average case that you're gonna find out there is that you've slightly or substantially over-provisioned.
This is a topic that, I don't wanna call it a dirty secret, but it's something that when you get together with a bunch of professionals that have been in this industry for a long time, that's an inevitable acknowledgement that that's par for the course.
And that's something obviously that we hope to help with increasingly, to get those over-provisioned cases really right-sized for the increasingly exact level of authorization for that workload.
Part of our mission is to get closer and closer to that Goldilocks zone with respect to authorization over time, and creating the tools to make that possible, convenient and really inevitable for your enter.
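The approach described at the start of the talk, a list of high-consequence actions, a policy that attaches each one to an approval step, and a just-in-time check at the moment the action runs, as an added illustration that is not StrongDM's code or product; the action names, approver counts and time windows are constructed for the example.

```python
from dataclasses import dataclass, field

# Constructed policy (assumed, not StrongDM's): each high-consequence action
# names how many approvers other than the initiator it needs and how many
# seconds a granted authorization stays valid before it must be re-requested.
POLICY = {
    "deploy:production": {"approvals": 1, "ttl_seconds": 900},
    "db:drop-table":     {"approvals": 2, "ttl_seconds": 300},
}

@dataclass
class Request:
    """An attempt to perform an action, created at time `created` (epoch seconds)."""
    action: str
    initiator: str
    created: float
    approvers: set = field(default_factory=set)

def approve(req: Request, approver: str) -> bool:
    """Record an approval. The initiator can never approve their own request,
    so a high-consequence action always involves more than one person."""
    if approver == req.initiator:
        return False
    req.approvers.add(approver)
    return True

def authorize(req: Request, now: float) -> tuple[bool, str]:
    """Decide, at the moment of execution, whether the action may proceed."""
    rule = POLICY.get(req.action)
    if rule is None:
        # Not in the high-consequence list: the ordinary role check applies.
        return True, "not high-consequence"
    if now - req.created > rule["ttl_seconds"]:
        # Just-in-time: a stale approval does not carry over to a later run.
        return False, "authorization window expired; request again"
    others = req.approvers - {req.initiator}
    if len(others) < rule["approvals"]:
        return False, f"need {rule['approvals']} approver(s), have {len(others)}"
    return True, "authorized"
```

The expiry check is what makes the step just-in-time: an approval collected last week for a different deploy cannot be reused, and the self-approval block is what forces "more than just the person initiating the action".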