Calgary Public Library Keeps Credentials & Secrets Safe with Nightfall for GitHub
Industry: Public library
HQ Location: Calgary, Alberta, Canada
Anton Chuppin, Manager, IT Interfaces Group
Public libraries are an essential part of the communities they serve. Founded in 1912, Calgary Public Library has grown to become the second largest library system in Canada, and sixth largest municipal library system in North America. Its 21 locations throughout the city serve over 700,000 members and 6 million visitors each year.
With COVID-19, Calgary Public Library’s services and resources have become even more important. The library provides free access to books, media e-resources, and programs to its patrons via their website, making it easy for people to stay active and connected through the library’s virtual portals. Calgary Public Library’s IT team has a huge task in keeping the website and online resources functional for library patrons, while protecting business-critical data in their code repositories. They rely on Nightfall DLP for GitHub for their data loss prevention (DLP) needs.
Anton Chuppin, Calgary Public Library’s IT Interfaces Group Manager, led a project for his team to migrate their code repository from an on-premises Subversion server to GitHub. Right away, Anton saw a big problem that could expose the entire organization’s sensitive data in the migration.
“We needed to make sure we are not storing any secrets in the code,” says Anton. “The only way to do this reliably was to proactively screen the code for potential secrets.”
The Calgary Public Library IT team needed a DLP solution that could detect and classify secret data like login credentials and API keys. That’s when Anton looked into Nightfall.
“Nightfall was the quickest and easiest way for us to guarantee we are not committing any passwords, API keys, or other sensitive information to our GitHub repositories.”
Keeping secrets safe in the cloud
Anton and his team needed a solution that’s easy to use and fast to set up. Nightfall Radar’s simple point and click dashboard along with its robust REST API provides that versatility for the Calgary Public Library team. Through the Radar platform, they integrate Nightfall’s ability to scan for hundreds of types of secrets and credentials directly into their custom workflows. “This allows us to use Nightfall when and where we want across our code repos in GitHub,” Anton says.
With Radar automatically scanning for data that could leak, Calgary Public Library doesn’t have to worry about exposing data that could compromise their systems. Nightfall’s deep learning based detectors deliver higher accuracy & fewer false positives than traditional approaches. Overall, the IT team has seen a big jump in productivity and confidence in their security. “Our programmers can sleep better at night,” says Anton. “Now we can spend our time developing enterprise applications instead of custom solutions to lint our code for secrets.”
Calgary’s community needs can change quickly as we all adapt to the uncertainty of COVID-19. An elastic cloud-native DLP solution like Nightfall Radar keeps Calgary Public Library’s much-needed services online for everyone.
“We have confidence that our code committed to GitHub doesn’t contain confidential, private information.”
Building a better cloud security stack with Nightfall
The IT world is moving even faster as cloud adoption is exploding. Calgary Public Library has to move and pivot rapidly to meet the needs of their community and patrons, so Nightfall Radar’s fast implementation in GitHub is the best feature for Anton’s team.
“The speed of development has been much quicker than I expected,” he says. “It’s great to have the features implemented even before you realize you need or want them.”
Anton found the right solution to integrate into Calgary Public Library’s cloud security stack. “DLP is a problem that has a very narrow margin of error,” Anton says. “Nightfall Radar solves the DLP problem very well. We are happy to have a tried and tested solution instead of coming up with one on our own.”
With Radar in place to handle the organization’s DLP needs, now the IT team can focus on making the website and other e-resources even better for library patrons. Which means a lot for the Calgary community.
“Nightfall saves us many hours of development by working across all our projects with minimal time spent on configuration.”
If you’re interested in learning more about Nightfall DLP for GitHub, you can view our Guide to DLP on GitHub or schedule a brief demo with our team below.