Academic Integrity: tutoring, explanations, and feedback — we don’t complete graded work or submit on a student’s behalf.

Imagine we are working in a team of around 5 people. We all install new servers

ID: 658782 • Letter: I

Question

Imagine we are working in a team of around 5 people. We all install new servers on a monthly base and need to find a better way of storing and sharing the server credentials (offline-location/webadress, root login, db login, ...) somewhere where the whole team can access them, read/write. This location does not have to be accessible through the internet, but is a can if someone can provide a safe way of doing that.

At the moment:

- currently the one who setup the server has the credentials: remembers them (usually connected to very unsafe standard passwords) or writes them in an email, exchanges them via skype, puts them in a local word document, writes them on a sheet of paper
- ssh-keys are already in use, but it just happened that the service was not available and we needed the root login, but it was hard to find and that should not happen again

What is a safe and best practice of storing and sharing credentials in a team?

Paper only? Samba share with documents? As emails only? Some kind of database? Third party software?

Explanation / Answer

Your issue is quite common and in general referred to as Privileged Account/User/Identity Management short PAM/PUM/PIM/PxM.

Keepass for sure is a solution used quite often, but from security, compliance and audit perspective not the best one. Since you are a team of five it's hard to tell if you have to comply with any policies. But if you have to, a commercial solution would be something to look into. It addresses more than just the password management and sharing passwords across a team, but also individual accountability, reporting and such.

So really it depends on your requirements, what way to go. From my experience I can tell you that there are many different ways used in enterprise environments, starting from paper in a secure location, down to files on shares. Especially regarding files on shares, e-mails or other 'online' storage always remember that there might be some administrator being able to access those who is not intended to.

Related Questions

Imagine the following situation. An object is placed behind a lens. You stand in
Question #1487470
Imagine the following: A corporate executive contacts you, the systems administr
Question #3810450
Imagine the future trends of web technologies, including XHTML, web browsers, an
Question #3714309
Imagine the government starts offering free meals to college-going students. It
Question #1209418
Imagine the government starts offering free meals to college-going students. It
Question #1209419
Imagine the new instruction SUB, meaning subtract, has been added to the ISA of
Question #3916016
Imagine the parents learn that Joey has one defective MC4R gene, inherited from
Question #138728
Imagine the possibility of being able to control the temperature of your home an
Question #3838189
Hire Me For All Your Tutoring Needs
Integrity-first tutoring: clear explanations, guidance, and feedback.
Drop an Email at
drjack9650@gmail.com
Chat Now And Get Quote

Navigate

Previous
Imagine we are using a two-dimensional array as the basis for creating the game
Next
Imagine we drill a small tunnel that goes straight down from the North Pole to t

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.