by Virag Mody
Best Practices for Secure Infrastructure Access
Focus on resources and employees, not on networks and environments. The usage of firewalls, VPNs, intrusion detection, and other networking components have been the backbone of managing access to important resources like applications, servers, and databases. But trends towards decentralization and abstraction has made infrastructure increasingly fluid and enforcement slippery. This talk reframes how to manage secure access in a dev-friendly way using four principles:  Base decisions on identity  Make it easy to use  Don’t trust networks, and  Centralize logging with a practical application for SSH at the end.