Privileged Access Management (PAM) promises companies a way to secure access to highly privileged accounts and systems so that each person receives only the rights they truly need (least privilege), that it is always possible to trace who has access to what (auditability), and that privileged credentials and permissions can be centrally managed and adjusted quickly—for example during onboarding and offboarding.

In practice, however, traditional PAM solutions were built for a static IT world. The PAM platform from our partner StrongDM is different. It enables something many legacy tools cannot: continuous authorization during active use, designed for modern infrastructures.

When you read about the benefits of PAM listed above, the decision often seems straightforward: we need this too. But in reality, there is often a gap between theory and practice. Workflows are too cumbersome, policies are assigned statically instead of being enforced based on context, and standing access remains in place longer than intended.

Especially in modern environments with Kubernetes, Terraform, databases, and CI/CD, parallel access paths often emerge—SSH keys, local database users, cloud keys—and with them exactly the kind of shadow IT that Privileged Access Management is supposed to prevent. The real value of PAM never gets fully unlocked. And not all PAM solutions are created equal.

Traditional tools behave like a bouncer: they check ID at the door, but ignore what happens afterward. StrongDM’s runtime authorization continuously enforces policies and evaluates every command and every query in real time.

In other words, at the beginning it is verified whether person X is allowed to access system Y. If the boxes for MFA, role, and ticket are checked, the session starts. But that is often where fine-grained control ends. StrongDM picks up precisely at that point and enables control throughout the entire session.

With its Zero Trust access platform, companies do not just assume that access is secure—they can trace it seamlessly and prove it in near real time:

• who accessed what, and when
• how access took place, and under which identity
• which actions were performed, including audit trail and session data

Because of this verifiable level of security, it quickly became clear to our USO team: we had to form a partnership with StrongDM.

Central control layer: Roles and policies are managed consistently across cloud, hybrid, and on-prem infrastructures—regardless of which systems are being accessed.

Control during the session: Access is not just checked at entry; it can also be monitored and governed while the session is in progress.

High transparency and auditability: It becomes visible who accessed what and when, including relevant context information and a traceable audit trail.

Less standing access: Access can be time-limited, approval-based, and provisioned only when needed (just-in-time). That means there is nothing sitting around to be stolen, shared, or rotated.

Built for modern environments: It supports common target systems such as servers, databases, Kubernetes, cloud environments, and internal web tools.

Security that keeps up with DevOps: Seamless access works through the tools teams already use, such as CLI workflows, instead of forcing detours.

Faster onboarding and offboarding: Permissions can be adjusted centrally, without forgotten access lingering in individual systems.

About StrongDM

StrongDM is a privileged authorization provider that gives security teams full visibility and control while enabling developers to get access immediately—by authorizing every action in real time, not just at login.

The first joint project is crucial to any partnership. That is why StrongDM was actively involved throughout the entire sales cycle, contributing both commercial and technical expertise. On the customer side, this created a high level of trust, supported by targeted training for the USO team and by guided implementation (“shadowing”), so that questions could be answered directly in the project itself.

The result was a smooth rollout—and a solid foundation for continued collaboration.

“We chose to partner with USO because the team brings deep, long-standing expertise in identity and security. Through their sister company, umbrella.associates GmbH, they are closely connected to both the challenges and the future ambitions of the German market.”

Hermann Hesse, SVP International, StrongDM

Although Universal Privileged Access is still gaining traction in the German market, many companies are already under increasing pressure to find solutions, because legacy tools are slowing down operations and no longer adequately meeting modern security requirements.

That is why we are looking ahead with confidence. Step by step, we are increasing visibility in the market, building a strong pipeline, and aiming to help the next wave of customers modernize privileged access in a way that is both secure and practical.