These are some of the areas where I have dedicated my efforts when it comes to security:

  • All vital and IPR associated systems are protected via MFA
  • Granular IAM permissions configured for AWS services, users and roles
  • I always adhere to the Least Privilege Principle
  • Web Application Firewall (OWASP)
  • Web application XSS, SQL Injection, encoding, securing cookies, role & claims based authz
  • I always encrypt data at rest and also when in transit
  • I always encrypt systems credentials (including 3rd parties') and always include an extra layer of encryption
  • All passwords are hashed
  • To isolate the blast radius of environments, I separate dev/test & prod into different accounts and restrict account user access in production
  • When I need to share a password, I do it via keybase and I never accompany it with a username or other identifiable key.
  • I use a password manager & where appropriate share credentials via this route (avoids colleague writing down and exposing during demo)
  • I never show passwords via a communication platform (slack, skype, …)
  • If I use wifi, I use vyprvpn
  • I educate my colleagues on the above actions & preventive measures
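As an added illustration of the "all passwords are hashed" item above (example code written for this page, not the author's own implementation), the block below shows the pattern a defender wants behind that claim: a per-user random salt, a slow key-derivation function rather than a plain digest, a self-describing stored format so the iteration count can be raised later, and a constant-time comparison on verify. It uses only the Python standard library (`hashlib.pbkdf2_hmac`, `hmac.compare_digest`, `os.urandom`); the iteration count and storage format are assumptions chosen for the example.

```python
import base64
import hashlib
import hmac
import os
from typing import Optional

# Assumed parameters for this example; tune ITERATIONS to your hardware so a
# single verification costs a noticeable fraction of a second.
SCHEME = "pbkdf2_sha256"
ITERATIONS = 200_000
SALT_BYTES = 16


def hash_password(password: str, salt: Optional[bytes] = None,
                  iterations: int = ITERATIONS) -> str:
    """Derive a salted PBKDF2-HMAC-SHA256 hash and return it as a
    self-describing string: scheme$iterations$salt_b64$dk_b64.

    A fresh random salt is generated when none is supplied, so two users
    with the same password get different stored values.
    """
    if salt is None:
        salt = os.urandom(SALT_BYTES)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return "$".join([
        SCHEME,
        str(iterations),
        base64.b64encode(salt).decode("ascii"),
        base64.b64encode(dk).decode("ascii"),
    ])


def verify_password(password: str, stored: str) -> bool:
    """Re-derive the hash using the parameters embedded in `stored` and
    compare in constant time. Malformed or unknown-scheme records are
    rejected rather than raising, so callers cannot distinguish them from
    a wrong password by exception type.
    """
    parts = stored.split("$")
    if len(parts) != 4 or parts[0] != SCHEME:
        return False
    try:
        iterations = int(parts[1])
        salt = base64.b64decode(parts[2], validate=True)
        expected = base64.b64decode(parts[3], validate=True)
    except (ValueError, TypeError):
        return False
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return hmac.compare_digest(candidate, expected)


def needs_rehash(stored: str, min_iterations: int = ITERATIONS) -> bool:
    """True when a stored record uses fewer iterations than the current
    policy, so it can be upgraded transparently at next successful login."""
    parts = stored.split("$")
    if len(parts) != 4 or parts[0] != SCHEME:
        return True
    try:
        return int(parts[1]) < min_iterations
    except ValueError:
        return True


if __name__ == "__main__":
    # Constructed sample credential, not a real one.
    record = hash_password("correct horse battery staple")
    print(record)
    print("verify ok:", verify_password("correct horse battery staple", record))
    print("verify bad:", verify_password("wrong password", record))
```

Storing the iteration count inside each record is what lets `needs_rehash` drive a gradual cost upgrade across an existing user base without forcing resets.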
