Security

These are some of the areas where I have dedicated my efforts when it comes to security:

• All vital and IPR associated systems are protected via MFA
• Grandular IAM permissions configured for AWS services, users and roles
• I always adhere to the Least Privilege Principle
• Web Application Firewall (OWASP)
• Web application XSS, SQL Injection, encoding, securing cookies, role & claims based authz
• I always encrypt data at rest and also when in transit
• I always encrypt systems credentials (including 3rd party’s) and always include extra layer of encryption
• All passwords are hashed
• To isolated blast radius of environments by separating dev/test & prod into different accounts. I restricted account user access in production
• When I need to share a password, I do it via keybase and I never accompanied it with username or other identifiable key.
• I use a password manager & where appropriate share credentials via this route (avoids colleague writing down and exposing during demo)
• I never show passwords via a communication platform (slack, skype, …)
• If I use wifi, I use vyprvpn
• I educate my colleagues on the above actions & preventitive measures

• security
• tls
• at rest
• in transit
• waf
• hashed
• password manager
• wifi
• owasp
• iam
• mfa