Information stored on, processed by or accessible via user end point devices shall be protected.
Our employees utilize YubiKeys containing GPG private keys for secure access to all organizational resources, including customer Linux servers and Kubernetes clusters. This ensures that only authenticated users can access sensitive information, providing an added layer of security for both our systems and our customers' environments.
The content of the YubiKeys cannot be altered, which means a consistent security measure is maintained. When necessary, we provide new YubiKeys to ensure seamless access control without compromising security.
Revoking access involves removing the YubiKey from the locations where its associated GPG or SSH identity has been granted permissions. This process allows us to promptly limit access to resources, maintaining the integrity of our operations while ensuring that only authorized users can engage with sensitive information.