YALE-MSS-9.8: Secure and/or limit storage of authentication information

Standards Group:
YALE-MSS-9: Authentication and Authorization

Low Risk Endpoint Required Moderate Risk Endpoint Required High Risk Endpoint Required Low Risk Server Required Moderate Risk Server Required High Risk Server Required Low Risk Mobile Device Required Moderate Risk Mobile Device Required High Risk Mobile Device Required Low Risk Network Printer Required Moderate Risk Network Printer Required High Risk Network Printer Required

Details

Guidance

Do not store sensitive credentials in source code or configuration files. Instead, use appropriate secrets management tools offered by Cloud providers such as AWS, found in container environments such as Docker or Kubernetes, and made available through operating systems (e.g., the Linux keyring).

Controls

YALE-MSS-9.8.1: Document secrets management decisions and operational practices

YALE-MSS-9.8: Secure and/or limit storage of authentication information

Standards Group:YALE-MSS-9: Authentication and Authorization

Details

Controls

Standards Group:
YALE-MSS-9: Authentication and Authorization