Security Hygiene for the Current Cyber Threat Landscape
Given the current landscape, PagerDuty expects increased instances of fraud and cyberattacks. Bad actors are opportunists and companies of all sizes are equally at risk. You may have open doors into your network, such as a network that’s not configured properly, or unprotected or weak access information.
As an example, we have recently noticed an increase in attackers seeking to exploit publicly posted API tokens or weak passwords. Related to this, we are continuing to implement additional defenses, monitor diligently and inform customers of suspicious activity on their accounts.
Please take the necessary actions to protect your organization and users. We continue to encourage all of our customers to prepare themselves and their systems for the heightened threat of cyberattacks. Here are a few best practices to optimize the security of your PagerDuty usage:
Secure Your API Keys
- Secure your API Keys in transit through encryption, and secure API Keys at rest by avoiding embedding keys in source code and other shared files. Wherever possible, use secrets management tools to secure keys.
- Do not store API Keys in your applications’ source control tree. Be especially careful if you use public source control management systems such as GitHub, or copy keys to public websites such as pastebin.
- Periodically rotate API Keys. You can do this by generating a new key from the administrative account, updating this key in your applications and then removing your old keys once you have updated integrations. More information can be found on our support website.
Use Strong Passwords
- Reiterate with your teams the importance of using unique, secure passwords on all accounts.
- Encourage users to use a password keeper to securely store passwords.
- If your plan allows, configure SSO on your account.
Support and Secure with TLS
- Consider supporting and using TLS 1.2 or 1.3 as your main protocols, as these versions offer modern authenticated encryption.
- Given their publicly disclosed protocol vulnerabilities, older versions (TLS 1.1 and earlier) should not be considered or used.
We can all support each other and our communities by staying vigilant and adopting a "see something, say something" culture. Please feel free to share this message with relevant security team members at your company.
If we can be of assistance, please contact us at [email protected] for assistance.
Updated 6 months ago