<img src="https://ws.zoominfo.com/pixel/6169bf9791429100154fc0a2" width="1" height="1" style="display: none;">

Want to master Kubernetes access control? 🚀 Join our upcoming webinar!

Search
Close icon
Search bar icon

Has Your Technical Debt Become Unsustainable?

StrongDM manages and audits access to infrastructure.
  • Role-based, attribute-based, & just-in-time access to infrastructure
  • Connect any person or service to any infrastructure, anywhere
  • Logging like you've never seen

Eighty percent of DevOps and Security professionals report that technical debt associated with their current approach to access management is moderate to unsustainable.

So we wanted to examine the issue with a closer look at what tech debt is, how it relates to infrastructure access, and why unwinding short-term workarounds can actually improve productivity. Here’s how.

Technical Debt in Access Management

A software metaphor is more like a searchlight than a road map. It doesn’t tell you where to find the answer, it tells you how to look for it. —Steve McConnell, Code Complete

Ward Cunningham coined the term technical debt as an analogy to fiscal debt. Developers exchange short-term optimizations in code for future efforts needed to manage the issues these workarounds create.

We can extend this metaphor to infrastructure access management, revealing technical debt examples such as:

  • temporary access that is never revoked
  • over-provisioning in the name of speed
  • team or shared logins
  • shared SSH keys
  • incomplete offboarding for terminated employees

In a world where “shipped is better than perfect,” these quick fixes may be worth the investment. Teams can onboard new hires faster, rapidly introduce software into the real world, and iterate quickly on new ideas. But the debt has to be paid off eventually.

Friction Leads to Workarounds

Even well-designed systems will accumulate technical debt. Innovation means environments frequently change, rendering resources obsolete.

Admins must manage access to everything you add to your stack in addition to all existing systems. And the challenge increases the more your organization grows, adapts, and uses new technologies.

If there is friction, people will find workarounds. Nearly all organizations have a technical staff with access to sensitive infrastructure, and those workers are experiencing a lot of frustration. Three out of five people surveyed named “the time it takes to request/grant access to systems or data” as one of their biggest challenges.

  • 53% take hours to weeks for access to infrastructure to be granted.
  • 88% require 2+ people to grant and approve access.
  • 65% rely on shared logins, making audits nearly impossible.

And the problem just keeps getting worse.

People-first Benefits of Reducing Technical Debt

Technological change is a given, and embracing new tools, systems, and ideas will help teams innovate and improve. But as the number of resources that require access grows, so does the complexity of managing that access.

Staying on top of technical debt with this tangle of resources quickly becomes exhausting and demoralizing. The result? Employees start looking to jump ship for a cleaner ride with another company. Customers and investors steer clear of companies vulnerable to data breaches. Technical debt becomes a people problem, not just a technology problem.

Luckily, there is a better way. StrongDM provides a complete map of all your people and resources. It gives admins time-bound, rule-based control over what each user can access, with native support for all past, present, and future infrastructure. No more friction. No more workarounds.

Want to learn more about the technical debt users encounter when managing access to infrastructure? Check out the full report, The Year of Access. Then schedule a free demo of StrongDM to see how you can upgrade your access management today.


About the Author

, Contributing Writer and Illustrator, has a passion for helping people bring their ideas to life through web and book illustration, writing, and animation. In recent years, her work has focused on researching the context and differentiation of technical products and relaying that understanding through appealing and vibrant language and images. She holds a B.A. in Philosophy from the University of California, Berkeley. To contact Maile, visit her on LinkedIn.

StrongDM logo
💙 this post?
Then get all that StrongDM goodness, right in your inbox.

You May Also Like

How To Delete/Remove Users in Linux (userdel, deluser & Manually)
How To Delete/Remove Users in Linux (userdel, deluser & Manually)
As a system administrator, a time will come when you’ll need to delete or remove users in your organization’s Linux system. It could be due to security reasons, routine account management, or organizational changes that require you to remove inactive accounts or offboard employees. Whatever the reason, it's important to do this properly to avoid problems like broken processes, orphaned files, and security vulnerabilities.
How to Add a User to Sudoers & Sudo Group in Ubuntu
How to Add a User to Sudoers & Sudo Group in Ubuntu Securely
Security best practices recommend that you manage privileged access for Linux distributions like Ubuntu, just as with any other operating system. That’s why most Linux systems have the root user or superuser and regular users. At some point, you may need to elevate a regular user’s privileges so they can execute root-level tasks, such as modifying system configurations and settings. In this case, leveraging sudo can be helpful.
How to List Users in Linux (9 Methods with Examples)
How to List Users in Linux (9 Methods with Examples)
Need to keep tabs on who has access to your organization’s Linux system? This guide explores nine methods, with examples, that can help you quickly list users.
SCP Command in Linux: 10 Essential Examples
SCP Command: Securely Transfer Files in Linux (10 Examples)
Discover 10 ways to leverage the SCP command in Linux. Learn how to incorporate options for specific file transfers and how to deal with common errors.
How To Use SSH to Connect to a Remote Server (Windows, Linux & Mac)
How To Use SSH to Connect to a Remote Server (Windows, Linux & Mac)
Secure Shell (SSH) is one of the most effective ways to access and manage remote systems. This technology encrypts communications between the client and the server, enhancing system security and preventing unauthorized access. Another important benefit of SSH is its simplicity. This technology is relatively easy to use with various tools and clients, as we will demonstrate below. Plus, you can also use SSH for file transfers, running commands, and even tunneling. This guide explains how to use SSH to connect to remote servers across Windows, Linux, and MacOS environments.