A small shout out to my colleague Daniel Dunn who wrote an excellent article about how IBM has used technologies like Calico for tenant isolation and how a vault model is used to secure and store sensitive information. The article covers “the vault”, encryption, and secure connections and gives some great examples of what IBM is doing in all three of those areas. Great article and a quick read to understand how this first class SaaS platform secures your information.
A secret is anything that you want to tightly control access to, such as API keys, passwords for database and SFTP servers, and SSL certificates. This kind of data should not lie around and be publicly available in plain text. In fact, it must not be stored in plain text in any location. To store secrets the secure way by limiting access is always a challenge, but IBM Digital Commerce addresses this by making use of a vault management system to store and access secrets. – link