In this recent update, we have introduced Single Sign On (SSO) and Just in Time (JiT) privileges for our infrastructure, spanning all cloud service providers, Kubernetes, and other platform services. These updates aim to bolster our security posture and provide a streamlined access management experience for our users.
Having SSO enforced as the only authentication method ensures we grant and remove access centrally. Appropriate access policies are defined per role basis using least privilege and need-to-know principles on each system. With this, we are also enforcing session duration centrally.
With JiT, we have automated granting and removing elevated privileges to engineers based on which team the individual belongs to and the business use case. These privileges are granted on a temporary basis, for a specific timeframe, which would enable engineers to perform specific tasks and ensure access is revoked after the assigned time is lapsed.
These enhancements have significantly improved the traceability and accountability of all infrastructure changes. On top of this, requiring approval for critical actions means adding an extra layer of protection.
For more information about Mambu, visit www.mambu.com