Compliance
Secret and key management
Dynafloxis must keep secrets out of source control and define a rotation/recovery policy before it can be treated as high-assurance.
Tasks
- • Store secrets in a managed secret store or vault.
- • Rotate customer-impacting keys on a defined schedule.
- • Rotate compromised or exposed keys immediately.
- • Keep encryption-at-rest enabled for all sensitive stores.
- • Prevent secret values from appearing in logs, exception payloads, or exports.