GLOVO
As Antukh remarks , “ that allowed us to be constantly in touch with our employees and to start changing the mindset towards a more security-aware one .”
“ We started the Security Champions programme in product security , so we are able to ensure the security by design of our code ,” he continued . Firstly , Antukh established guidelines and policies such as passwords , but the second factor involved Bitwarden , a key partner for Glovo .
Bitwarden helping to keep Glovo secure Bitwarden is an open source password manager , and is considered one of the most secure and privacy-first options on the market . As Antukh explains , “ when we started , we were tackling the problem of weak passwords at Glovo . I ' d personally been using Bitwarden for some time . We just decided to try it for corporate security purposes , and it was a big success . Our primary use case is to secure the shared set of credentials files , and other sensitive information , among the team members . So we specified a list of authorised users and ensured that no one from the list had access to sensitive information Bitwarden helped us to comply with PCI DSS . They also helped us to cover a few important controls of our cyber security framework . So overall , they have become an integral security tool for the whole company . We are pleased to see how they can contribute in future to the overall protection of Glovo .” he said .
Cyber concerns of now and the future Like others in the tech space , one of Glovo ’ s common enemies in the cybersecurity realm is the increase in rates and sophistication of ransomware and potential cyber attacks in general . Glovo has a complex approach to how they protect against this and that concerns all teams . One of the key adoptions is that of zero trust , which aims to tackle the major problem of phishing attacks .
Antukh is aware that “ there are many talks about zero trust , and I think that ' s a very good strategy overall , but then of course , we need to remember the foundations , such as asset inventory and visibility of what we have in our networks , and patch management . It is , however , keeping security by design in mind in how we build our products . I think it is really important that we tackle security
cybermagazine . com 105