Secure Data & Processing
JobXu utilizes sophisticated centralized identity-based dynamically encrypted secrets management methodology. Whether it’s DevOps, live transactional processing or information storage our platform maintains automatic key rotation and audit logging, increasing systemwide security and eliminating risks created by secret sprawl.
“Secrets Management” are the tools, methods and policies defined by the security team for managing and enforcing digital authentication credentials (secrets) of sensitive security information, personally identifiable information, and IT systems security information including passwords, keys, APIs, and tokens used in applications, services, including microservices, privileged accounts and other sensitive components related to data handling throughout the platform and interaction with partner systems.
Our best practices include:
- Encrypted Centralized Secrets
Preventing the sprawl of where and how credentials are managed and processed regardless if they are for end-user access, Database and information storage credentials, API tokens, containers, or TLS certificates including servers, virtual machines, applications, microservices, scripts, hardware and machine identity management, etc...
- Access control lists (ACLs)
Secure humans, agents and services and all access points including the UI, API, and CLI. ACLs operate by grouping rules into policies, then associating one or more policies with a token or access
- Dynamic Secrets
Provide unique temporary encrypted credentials to individuals, systems, services or entities keeping the core credentials safe and enabling instant pinpoint identification of any access.
- Encryption as a Service (EaaS)
Enabling encryption of data in transit and at rest. Scaling
- Auditing
Realtime auditing based on the dynamic secret processing information so there is never a doubt who or what accessed systems and services enabling the walling off of any identity, service or machine.
