Get every episode of every Packet Pushers podcast in one very fat, very handy feed! Because too much technology would never be enough. Includes Day Two Cloud, Heavy Networking, Heavy Strategy, Heavy Wireless, IPv6Buzz, Kubernetes Unpacked, and Network Break.
https://packetpushers.net/podcasts/
Day Two Cloud 178: Implementing Zero Standing Privilege (Sponsored)
Welcome to Day Two Cloud! On today’s show we examine the concept of zero standing privilege with sponsor strongDM. StrongDM is a security tool that gives you seamless access to the infrastructure you manage. Zero standing privilege goes beyond just-in-time credentials to a model where no credentials pre-exist, but are created in real-time and paired with appropriate permissions built from policy, also created in real-time. That’s a “maximum security” point of view, and like a lot of security paradigms, it’s an idealistic one. Practically speaking, can zero standing privilege actually be implemented in the average organization? Our guest today is strongDM’s Sebastian Mankowski. Sebastian has a really good handle on the organizational challenges of implementing zero standing privilege, and how to work within them while still getting the security posture result we’re looking for. This episode is a follow-up from an earlier sponsored podcast with strongDM. We discuss: * The concept of zero standing privilege * How zero standing privilege fits into zero trust * Technical hurdles to overcome for zero standing privilege * How to get buy-in from users * Writing zero standing privilege policies * More Show Links: strongDM.com/packetpushers Day Two Cloud 172: Lock Down Access With Zero Standing Privilege (Sponsored Podcast) – Packet Pushers @strongdm on Twitter Transcript: Welcome to day two. Cloud. Today’s episode is a follow up to the last show we did with Strong DM. Strong DM is a security tool that gives you seamless access to the infrastructure you manage. And in that last episode, Strong DM pitched the idea of zero standing privilege. Zero standing privilege goes beyond just in time credentials to a model where no credentials preexist but are created in real time and paired with the appropriate permissions built from policy, also created in real time. I think I got that right. That is a maximum security point of view. And like a lot of security paradigms, it’s kind of an idealistic one, because, practically speaking, can zero standing privilege actually be implemented in the average organization? Our guest today is strong. DM’s sebastian Mankowski Sebastian has a really good handle of the organizational challenges of implementing zero standing privilege and how to work within them while still getting the security posture results we are looking for. Sebastian, welcome to the show. I set you up with a tall order here, man, to take an arguably inconvenient security posture and implement it in an organization. And none of us seem to like inconvenience. [00:01:17.500] – Ethan We really don’t. So we’re going to talk about this, how to implement zero standing privilege. But we should refresh everyone’s memory first on what zero standing privilege is, because maybe you folks have heard of just in time privileges, but you guys are making a distinction at Strong DM between just in time privileges and zero standing privileges. So could you tell us what the difference is between those two? [00:01:39.470] – Sebastian Yeah, for sure. Thanks for having me, Ethan and Ned. Appreciate you taking the time to let me just hear myself talk. Always good to have a little extra time for that. I think that at its core, where I always start in terms of thinking about the differences,