DEVOPSdigest

strongDM announced a major release, featuring deep integrations with Okta and Azure AD and the ability to create and enforce dynamic access rules.

Businesses can now manage least-privilege access to their critical infrastructure directly from their identity provider, simplifying access management workflows and accelerating development cycles—all while supporting Zero Trust security for hybrid and multi-cloud environments.

While identity providers deliver identity-based access for most web applications, critical infrastructure has been the exception. This gap has put the burden on technical staff to manage disparate workflows, track tickets and approvals, duplicate user and group management structures, and adhere to security policies without violating compliance standards.

But today's infrastructure diversity and ephemerality have pushed this problem beyond human scale. Businesses need an access management solution that centralizes and standardizes all controls, supports a Zero Trust access model, and allows admins to automate workflows and manage access as code.

With this release, strongDM enables businesses to enforce a powerful set of access rules based on attributes such as tags, resource types, and geographic location. Also known as attribute-based access control, access is granted dynamically to roles and their users every time a resource gets spun up or torn down.

Dynamic access controls dramatically simplify the management of permissions and are particularly compelling for those companies that have embraced the infrastructure-as-code mantra, have lots of resources (especially ephemeral ones), and require the flexibility of an access control system that can adapt in lockstep with the infrastructure.

"By connecting identity management solutions with privileged access controls, businesses are finally able to bring identity and access together in one workflow without sacrificing usability, security, or speed," said Justin McCarthy, Co-Founder & CTO at strongDM. "On top of that, because DevOps teams continually strive for greater speed and flexibility, dynamic access controls will help them achieve those objectives, especially as environments become increasingly ephemeral."

With these integrations, businesses can do the following directly from Okta, Azure AD, and any SCIM-based identity provider:

- Centralize employee access to every resource, regardless of location or protocol, with one control plane.

- Instantly authenticate, grant, and revoke just-in-time and audited access to databases, servers, and Kubernetes.

- Replace VPNs and bastion hosts with a secure Zero Trust network.

- Temporarily approve elevated privileges for sensitive operations.

With dynamic access controls, businesses can do the following:

- Manage a rapidly growing infrastructure that has lots of resources, especially ephemeral ones.

- Grant access based on a resource's attributes, not the specific physical resource.

- Use human words and simple sentences to create access rules that dynamically change when resources change (i.e., are brought online or go offline).

- Enforce either role- or attribute-based access controls.