Title: Storing Secrets in Cloud based Key Management Services
Speaker: Dan O'Boyle, Stack Overflow, Inc.
Do you encrypt secrets before committing them to a repository? Are API keys and passwords stored in a local library any team member can decrypt? Are you forced to re-encrypt all secrets anytime access has changed?
Stop doing those things!
Cloud Based Key Management Services (Google KMS, Azure Key Vault, Amazon KMS) provide encryption keys as a service. KMS create a centralized access control list. Using a KMS, you can centralize secrets, removing them from local libraries. Key rotation can be automated, often times making a KMS more secure than local key management practices.
About the speaker:
Dan works as an Internal Support Engineer on the IT team at Stack Overflow. He started his career as high school teacher and transitioned into a System Administrator. He enjoys creative collaboration to solve solvable things, and using automation for everything else.
6:30pm Doors open 6:30-7pm Social time 7pm: Speaker starts 9pm: Meeting ends Thanks to our sponsor, Third Republic, for this month's pizza, drinks, and beer! http://www.thirdrepublic.com