Enhanced Platform Security with Environment Variables

Enhanced-Platform-Security-with-Environment-Variables.png

Being a central point of receiving and sending data from and to different IT systems, security is Magement’s number one priority. Besides the companies security policies, Magement is continuously adding features to enhance security. A feature that has recently been launched is environment variables. This feature replaced the old method of Magement’s software to configure, store and distribute sensitive data throughout the system.

Environment variables is a best practice configuration for sensitive information, like API Keys, database credentials and others credentials like passwords. With this new feature sensitive data is exposed only when it’s absolutely necessary while remaining encrypted at all other levels like logging, database and code. Magement sends user notifications when mandatory values are missing, reducing potential human misconfiguration.

 
Magement-Screenshot-Environment-Variables.png

Encrypted values throughout the system.

This use case shows a global configuration for connecting to Magento, an Adobe company. Magento is market leader with its digital commerce platform. Magento allows IT systems to subscribe and publish data through its API. The API credentials are configured as an environment variable, assuring the credentials are safely encrypted.

 

Explaining environment variables

Environment variables are dynamic values within Magement. It’s also widely known within operating systems, as Windows and MacOS. These dynamic values can be used to determine specific information. As showcased above, it’s being used to determine secret API credentials. Within Magement two types of environment variables exist, user and system specific environment variables.

System variables are dynamic variables managed by Magement. System variables cannot be managed by users, but if needed they can be overridden by a user defined variable. When a user defines an environment variable with the same name as a system variable, the user variable is leading. After this variable is deleted, the system variable becomes active again.