Security

Security is a critical aspect of our development workflow. This section covers essential security practices that every team member must implement.

Best Practices for Security

• Strong Passwords: Always use strong, unique passwords for all your accounts. A strong password should be at least 16 characters long, combining letters, numbers, and special characters. Avoid using easily guessable information, such as birthdays or common words.
• Two-Factor Authentication (2FA): Enable two-factor authentication on all accounts that offer it. 2FA adds an extra layer of security by requiring not only a password and username but also something that only the user has on them, i.e., a piece of information only they should know or have immediately to hand - such as a physical token.
• Lock Your Laptop: Make it a habit to lock your laptop whenever you step away from it, even if it's just for a short period. This practice prevents unauthorized access to company data.
• Awareness in Public Spaces: When working remotely, especially in public spaces, be mindful of your surroundings. Ensure that no one can overlook your screen. This caution helps prevent shoulder surfing, where an attacker can obtain confidential information by watching your screen.
• Encrypt Your Hard Drive: Encrypt the hard drive of your laptop and any other devices you use for work. Encryption converts the data stored on your device into unreadable code that cannot be easily deciphered by unauthorized people.
• SSH Key: Use SSH keys for secure access to your repositories. SSH keys are a pair of cryptographic keys that can be used to authenticate your identity without the need for a password.

These practices are non-negotiable for working with our repositories and systems.