In effect, easily accessed API keys means potentially anyone could use them to run up bills, this is akin to having access to someone's credit card and making unauthorized purchases. Yet despite this, API keys are often emailed around an organization without due regard to their sensitivity, or stored on file servers accessed by many people. --Hugh Caroll
Protecting API Keys for Cloud Services
DZone's Guide to
Protecting API Keys for Cloud Services
by
Join the DZone community and get the full member experience.
Join For FreeSite24x7 - Full stack It Infrastructure Monitoring from the cloud. Sign up for free trial.
My colleague Hugh Carroll has a good piece in
Business Review Canada today about
protecting API keys. Be sure to check it out. API keys are just as important to protect as other keys (e.g. SSL keys) but have not got nearly the same amount of awareness from security folks. How long before there is a major publicized API key breach?
Site24x7 - Full stack It Infrastructure Monitoring from the cloud. Sign up for free trial.
Like This Article? Read More From DZone
Topics:
Published at DZone with permission of Mark O'Neill, DZone MVB. See the original article here.
Opinions expressed by DZone contributors are their own.
{{ parent.title || parent.header.title}}
{{ parent.tldr }}
{{ parent.linkDescription }}
{{ parent.urlSource.name }}