The Problem
IT services require configuration. Part of the configuration are secrets that you don’t want to see exposed. Common examples are database credentials or random values that protect session cookies or authentication credentials. If you are developing software, things tend to get worse with build pipelines, distribution certificates and access keys.
Compromised secrets can lead to user account takeover, data theft, build chain attacks and other costly problems. Bad reputation, the loss of intellectual property and potentially huge legal fees are just a fraction of the possible costs.
The solution
Psono offers with the latest version of psonoci protected environments. Protected environments allow you to run processes and configure them through environment variables without exposing them to the system. These environment variables are loaded securely from Psono, never stored anywhere on the server and are only exposed to a single process.
- Secrets do not end up in any backup
- Offline copies are useless for attackers without network access to Psono.
- Environment variables are isolated so other processes do not have access.
- Secrets can be shared across servers, so standbys or HA siblings don’t run with different configurations.
- API keys can be easily revoked at a central place.
- Workflows can be established so administrators never gain access to the actual secrets.
- Third party services (like e.g. github or heroku) do not have your secrets in their database.
How does it work?
First you have to create an environment variables secret. Please take not that a single secret can hold multiple environment variables so you can group environment variables by e.g. an environment or just because they belong together like a database user and a database password.
