Find an easier way to manage access privileges and user credentials in MySQL databases. Reduce manual, repetitive efforts for provisioning and managing MySQL access and security with strongDM.
Posts by Category:
- Security
- Access
- Auditing
- Policy
- Privileged Access Management
- SOC 2
- Zero Trust
- DevOps
- Compliance
- Authentication
- Identity and Access Management
- Databases
- Compare
- Team
- Product
- Integrations
- AWS
- Podcasts
- Productivity
- Kubernetes
- SSH
- ISO 27001
- Dynamic Access Management
- Engineering
- HIPAA
- Observability
- Role-Based Access Control
- Secure Access Service Edge
- Webinars
- Events
- NIST
- Onboarding
- Passwordless
- Offsites
- Platform
- PCI
On an unmodified MySQL install, the root user account does not have a password. This is extremely insecure! As a systems administrator, we know that the easiest way to compromise a system is using the default unchanged password with admin privileges.
Configure the hosts for logging verbose data, and then send the logs to a cloud provider for long-term storage and access.
SSH audit logs allow you to determine, either retroactively or in real-time, when an unauthorized or destructive action was taken, and by whom.
Whether you’re looking to achieve SOC 2 compliance, or just want to learn more about it, your Googling is bound to lead you to a wealth of articles chock full of buzzwords and acronym soup. In this post, we will provide a guide with definitions, links and resources to gain a solid understanding of everything you need to know about SOC 2 audits.
In this post, we will help you get started with a hierarchy to follow, as well as a summary of each individual SOC 2 policy.
Should application developers have access to production database systems? This is a question as old as Vampires and Werewolves.
A software development lifecycle (SDLC) policy helps your company not suffer a similar fate by ensuring software goes through a testing process, is built as securely as possible, and that all development work is compliant as it relates to any regulatory guidelines and business needs.Here are some primary topics your software development lifecycle policy and software development methodology should cover
Gone are the days of sharing AWS root account credentials in a shared 1Password vault or worse, via email. With this in mind, one of the first steps to securing our AWS account is setting up AWS IAM.
It has never been easier for your company to build new infrastructure. In just a few clicks, you can spin up shiny new servers and databases in the cloud and start using them in seconds. However, in the rush to deploy new services so quickly, companies often let information security be an ...
In this policy, you will define the controls, monitoring, and removal of physical access to your company’s facilities.
BYOD lets employees use their own smartphones, tablets, or laptops to access company resources and perform work-related tasks, allowing them to work from anywhere. This practice offers advantages like increased productivity and company savings on hardware costs. Employees are often more proficient with their own devices, which can mean a more comfortable work environment and result in higher job satisfaction.
Production incidents typically require elevated permission to get your services back online quickly, these can be automated.
Cat Cai is currently the Director of Platform Engineering at Fair. In this talk, alongside Jack Wink and Marshall Brekka, they discuss how Fair eliminated static credentials through automation and tooling decisions. Listen as they walk through how they make sure they enforce least privileged access, and rotate credentials without causing a huge headache in the organization.