Ultra-secure Authorization
Ensuring secure access to the apps your team uses is the mission of your DevSecOps or Security teams in your company. They should always analyze all the possible ways of authentication and authorization to make the organization’s experience the most secure. Login with SAML or SSO may seem secure, but if a hacker attacks your IdP, your credentials can be stolen leading to consequent data loss. So, it’s always nice to have some other options up on your sleeve.
GitProtect.io doesn’t limit you to a few authentication methods… additionally, to SAML or SSO login capabilities, you can access the backup and restore platform by creating personal access tokens or creating a secure password once you set up your account.
Personal access tokens
Using a personal access token to access an app can enhance the security, flexibility, and control of your organization. PATs usually act as a substitute for passwords, reducing the need to provide actual credentials, including usernames and passwords, during the authentication process. Moreover, it simplifies the management in case an external system is compromised, as you will need only to revoke the token rather than reset the password in all your organization’s scripts and integrations.
In this case, whether you use GitHub, GitLab, or Bitbucket, you can generate personal access tokens for your team members to log in to GitProtect.io to monitor and perform backup and restore operations within the roles you assign to your team members - System administrator, Backup operator, Restore operator, or Viewer.
From its side, GitProtect.io needs minimum permissions of authorization for the token used, requiring the possibility to register the GitProtect application and perform repository backup and restore processes. The app needs permission to access your personal user data, including email and profile information in read-only mode, repositories and metadata information for backup and restore processes.
Login with a username and password
It’s pretty simple to log in to GitProtect.io using a login and password. Once your organization creates a GitProtect account and starts backing up its critical DevOps data, your Security Leader can assign different roles to your team members - System administrator, Backup operator, Restore operator, or Viewer.
Those members of your team who have the roles and their privileges of managing backup performance, get login and password to access the backup and restore platform. Then, all they need is to connect to the management service via <ipAddress>:<port> or a dedicated URL, fill in the Login and Password fields with their username and password, and start performing their responsibilities.
What’s more, GitProtect.io provides you with a secure Password Manager, where you, if you’d like to, can keep your passwords securely.