Like any other company, we have a lot of sensitive information that we need to protect: internal records, credentials, client data, etc.
As an engineering-focused company, we have to go beyond conventional, and often minimal, security practices.
This guide details the security measures that we put in place to safeguard any sensitive and critical piece of information that comes into our hands.
Passwords and Secrets
Passwords are the most common type of sensitive information that any company owns. They are also information which, if leaked or stolen, can lead to catastrophic results for the company and its clients.
To prevent an apocalyptic scenario caused by the leakage of authentication credentials, we use Vault.
Vault is a highly secure secrets management tool. All of the data stored in Vault is encrypted, and access is tightly controlled via fine-grained policies.
Even unsealing Vault requires several people, each of whom holds one part of the unseal key.
In short, even if evil people stole our Vault, they wouldn’t be able to open it. Same thing if they stole our Vault and our CEO; they still couldn’t open it! They’d need to steal our Vault and at least three of our people for that, but then we would have other concerns…
Code Version Control
For every product that we work on, be it an internal project or a client project, we always use code version control.
The Version Control Systems (VCS for short) that we use, like many other tools, require authentication before anything can be accessed or changed.
Authentication must happen every time a developer updates the code on the VCS, and every time an automated build or deployment is triggered.
For authentication, we rely on SSH keys, which are far more secure than a standard username-password pair. SSH keys are long and complex, far more than any password could be. Unlike a password, the private key is never transferred to the remote system, which removes the risk of it being intercepted in transit.
For an additional level of security, the SSH keys that we use are unique to each developer and to each service that requires access to the code repository (for automatic deployment, for instance).