If I was on Slack at work and someone tried sharing secrets I would immediately say hey, we have protocols for this. Now we have to rotate keys. Please follow the protocols. Let’s walk you through it if you don’t remember. Etc.
And those are just API keys or similar data. We take it seriously because 1. It actually matters and 2. The habit will save your ass when it counts. Make it a habit
These guys have not made security a habit. It doesn’t actually matter to these guys. That’s scary. This is so much more than access to my org’s AWS services.
If I was on Slack at work and someone tried sharing secrets I would immediately say hey, we have protocols for this. Now we have to rotate keys. Please follow the protocols. Let’s walk you through it if you don’t remember. Etc.
And those are just API keys or similar data. We take it seriously because 1. It actually matters and 2. The habit will save your ass when it counts. Make it a habit
These guys have not made security a habit. It doesn’t actually matter to these guys. That’s scary. This is so much more than access to my org’s AWS services.