Blockchain is one of today's most popular technology buzzwords. At the same time, the notion of DevOps has gained recognition and momentum. Individually, blockchain and DevOps each provide a lot of advantages. Combined, they can give substantial tactical and strategic benefits.
In this post, I would like to share some of my key notes from working in a DevOps role in blockchain and cryptocurrency.
As you may know, the blockchain world is still at a young stage. The source code, the algorithms, and the infrastructure all have to be upgraded or changed from time to time. Therefore, it’s very important to keep track of these changes to make sure your system keeps working well. To monitor all the updates, I recommend following the official GitHub repo, the official Reddit community, and the newsletter.
Needless to say, before you upgrade blockchain node software to a newer version, you need to ask the developer team to check the API and documentation changes to make sure everything works as expected.
First and foremost, the idea behind the principle of defense in depth is not to rely on ONE type of defense for protection but instead to build multiple layers of defenses. Here are the layers I would recommend.
The first layer would be the network route to your server system. Make sure only your staff with a VPN connection can access your servers.
The second layer is the firewall rules on your system. They must shield the system correctly, be sufficient, and be easy to understand. It is strongly recommended that you use a cloud service provider that offers a friendly portal for managing firewalls, such as GCP or AWS.
The third layer is SSH access to your system. The system must only allow access with SSH keys, not password authentication. Moreover, all SSH keys must have a passphrase, managed in a password manager.
Last but not least, try your best to protect crypto wallets and private keys. It’s vital to work closely with the developers and technical managers to find the best methods for secure storage. For example, it is better to divide the private key into multiple parts: one piece in an environment variable, one in local files, one implemented in the code, one put in the database, etc.
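One way to do the split, as an added example that is not from the original post: cutting a key into substrings leaves real key bytes in every storage location, so this sketch uses XOR-based splitting instead (a technique swapped in here), where every piece is required and any incomplete set reveals nothing about the key. The function names and the 32-byte sample key are assumptions made for illustration.

```python
import secrets
from functools import reduce


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings."""
    if len(a) != len(b):
        raise ValueError("pieces must have equal length")
    return bytes(x ^ y for x, y in zip(a, b))


def split_key(key: bytes, parts: int) -> list[bytes]:
    """Split key into `parts` pieces; all of them are needed to rebuild it."""
    if parts < 2:
        raise ValueError("need at least two parts")
    if not key:
        raise ValueError("key must not be empty")
    # parts-1 pieces are uniformly random, so each is independent of the key.
    pieces = [secrets.token_bytes(len(key)) for _ in range(parts - 1)]
    # The last piece is the key XORed with every random piece.
    pieces.append(reduce(xor_bytes, pieces, key))
    return pieces


def combine_pieces(pieces: list[bytes]) -> bytes:
    """Rebuild the key by XORing every piece together (order does not matter)."""
    if len(pieces) < 2:
        raise ValueError("need at least two pieces")
    return reduce(xor_bytes, pieces)


if __name__ == "__main__":
    demo_key = secrets.token_bytes(32)  # constructed sample key, not a real wallet key
    # Four pieces, matching the four storage locations named in the text.
    env_part, file_part, code_part, db_part = split_key(demo_key, 4)
    rebuilt = combine_pieces([env_part, file_part, code_part, db_part])
    print("rebuilt matches:", rebuilt == demo_key)
    # With one piece missing, the result is unrelated to the key.
    partial = combine_pieces([env_part, file_part, code_part])
    print("three pieces match:", partial == demo_key)
```

Losing any single piece makes the key unrecoverable, so each storage location needs its own backup.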
Remind yourself every day that you are a target for hackers. You are the one who has access to all servers, and the one who keeps all the certificates, passphrases, wallets, and secret keys. You also have the documentation needed to understand the whole infrastructure.
So first and foremost, separate your personal accounts and authentication from your work ones. If an attacker gains access to your personal account, they have a better chance of getting to your work resources.
Secondly, use a password manager to manage your credentials. When an attacker knows your Gmail account, they will try to access AWS or GCP with similar information. So, it is better to use different credentials for different services.
Lastly, make sure to use all available security methods to protect yourself. Nowadays, with 2FA, people can protect their accounts with both a password and a phone device.
You can read more about this topic here.
Those are some of the key things you need to be mindful of when working in a DevOps position in blockchain and crypto. If you are interested in DevOps, you can read more about critical DevOps metrics or learn the 5 mistakes that doom your transformation from the start.
FABA Technology can provide your company with a comprehensive DevOps strategy to elevate your product’s flow and quality. Reach out to us for a free consultation here.