Do not usebrowsers tostore anykind of logininformationAlways use pre-approved datatransfer channelswhen dealing withclient’s or EPAMproprietary dataAlways usecorporate toolssuch as MS Teamsto sharescreenshots andvideo portal toshare a videosNeverreuse yourcredentialsAlways usesecretsmanagement toolssuch as EPAMHashiCorp VaultDo not ignorethe securityof test anddevelopmentenvironmentsInject secretsvia anenvironmentvariable intoyour appAvoidsendingpasswords inemail or chatNeversharepersonalpasswordsTo share informationwith a customer, usecorporate FTPservers, which havebeen designedspecifically for thispurposeUse a passwordmanager thatsecurely stores andmanages thepasswords for youraccounts anddevicesDo not store orshare secretinformationon publicsource coderepositories, suchas GitHub andBitbucketDo not publishEPAM or EPAMclientsproprietary codeto publicrepositoriesNever commitsecrets (keys,password,certificates) toGit repositoriesNever store SSHkeys andcertificates in thesame directoriesas their sourcecodeNever create afile on yourcomputer tostore your logininformationDo not usebrowsers tostore anykind of logininformationAlways use pre-approved datatransfer channelswhen dealing withclient’s or EPAMproprietary dataAlways usecorporate toolssuch as MS Teamsto sharescreenshots andvideo portal toshare a videosNeverreuse yourcredentialsAlways usesecretsmanagement toolssuch as EPAMHashiCorp VaultDo not ignorethe securityof test anddevelopmentenvironmentsInject secretsvia anenvironmentvariable intoyour appAvoidsendingpasswords inemail or chatNeversharepersonalpasswordsTo share informationwith a customer, usecorporate FTPservers, which havebeen designedspecifically for thispurposeUse a passwordmanager thatsecurely stores andmanages thepasswords for youraccounts anddevicesDo not store orshare secretinformationon publicsource coderepositories, suchas GitHub andBitbucketDo not publishEPAM or EPAMclientsproprietary codeto publicrepositoriesNever commitsecrets (keys,password,certificates) toGit repositoriesNever store SSHkeys andcertificates in thesame directoriesas their sourcecodeNever create afile on yourcomputer tostore your logininformation

Securtiy bingo - Call List

(Print) Use this randomly generated list as your call list when playing the game. There is no need to say the BINGO column name. Place some kind of mark (like an X, a checkmark, a dot, tally mark, etc) on each cell as you announce it, to keep track. You can also cut out each item, place them in a bag and pull words from the bag.


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
  1. Do not use browsers to store any kind of login information
  2. Always use pre-approved data transfer channels when dealing with client’s or EPAM proprietary data
  3. Always use corporate tools such as MS Teams to share screenshots and video portal to share a videos
  4. Never reuse your credentials
  5. Always use secrets management tools such as EPAM HashiCorp Vault
  6. Do not ignore the security of test and development environments
  7. Inject secrets via an environment variable into your app
  8. Avoid sending passwords in email or chat
  9. Never share personal passwords
  10. To share information with a customer, use corporate FTP servers, which have been designed specifically for this purpose
  11. Use a password manager that securely stores and manages the passwords for your accounts and devices
  12. Do not store or share secret informationon public source code repositories, such as GitHub and Bitbucket
  13. Do not publish EPAM or EPAM clients proprietary code to public repositories
  14. Never commit secrets (keys, password, certificates) to Git repositories
  15. Never store SSH keys and certificates in the same directories as their source code
  16. Never create a file on your computer to store your login information