Posts tagged with Security:

Thursday, 24 July 2025

The end of password pain: building frictionless authentication at the Guardian
Mahesh Makani

How the Guardian's Identity and Trust team eliminated password friction and improved security by implementing one-time passcodes, leading to 82% of readers now using passwordless authentication

Identity   Security   Authentication  

A photograph of a person holding a phone with the Guardian app open, showing the sign-in screen.

Thursday, 4 April 2024

When security matters: working with Qubes OS at the Guardian
Philip McMahon

The latest version of the whistleblowing platform SecureDrop runs on the Qubes operating system. At the Guardian we used the Salt management engine to set up a Qubes environment where journalists could safely interrogate sensitive documents.

Security  

A screenshot of Qubes OS running Securedrop Workstation and Dangerzone

Friday, 20 December 2019

Securing and centrally monitoring accounts in Amazon Web Services
Kate Whalen

An introduction to AWS Trusted Advisor, AWS StackSets and how they can support cloud security checks.

AWS   Security  

cctv cameras attached to an observation pole, with the sky and clouds in the background

Friday, 18 May 2018

Why the Guardian is using encrypted EC2 root volumes on AWS
Simon Hildrew

In an ongoing effort to adhere to security best practices the Guardian is starting to use encrypted root volumes by default on servers in AWS.

AWS   Security  

Friday, 16 December 2016

Real-world software security lessons
Adam Fisher

Can common-sense and our real-world intuition show us how to write secure software?

Advent developer blog 2016   Security  

Securely bridging the gap between software and the real world.