Enzo Configuration Secrets Vault

Leverage Enzo proxy accounts and the secrets vault for applications and users so that application secrets are never seen by developers. Implement strong separation of duty by allowing administrators to manage secrets.

The Challenge

Building applications (web, mobile and IoT) requires storing service credentials and API secrets in application configuration files so that the application can function. Even if configuration secrets are pushed during deployment, application developers may still write sensitive information to log files by accident. Or not.

Enzo Solution

Central Configuration Settings

Enzo securely stores API secret keys so that applications do not have to. Enzo provides proxy accounts that developers can use to build systems, so that neither developers nor applications see the secret keys directly. Applications rely on Enzo to make the actual API calls, so the API secrets never leave Enzo.

Example: Jane needs to send tweets from her Windows application. With Enzo, she only needs to store the proxy account that the application will use to send tweets. The actual Twitter secrets are never visible to Jane, or the application.

Separation of Duty

Companies that need to enforce strong separation of duty can easily create ACL rules that allow certain individuals to manage account access and passwords, while preventing developers and power users from accessing the actual API keys.

Example: John, an InfoSec engineer, is granted access to Enzo to manage corporate API keys (such as the Twitter account). John can then grant Joe, in the Marketing department, access to search the Twitter timeline.


Rapid Development