What are security best practices for Radar?

Account management

  • Use a strong password (at least 10 characters, at least 1 lowercase letter, at least 1 uppercase letter, at least 1 number, and at least 1 symbol).
  • Use a password manager like 1Password or LastPass to generate and store passwords, and use a different password for each website.
  • Use multi-factor authentication (MFA). Enable MFA on the Account page.
  • Do not share your account with co-workers.
  • Use the appropriate role (admin, write, or read) for each co-worker's account.
  • When a co-worker is terminated, delete their account.
  • Use single sign-on (SSO) if supported by your organization.

Authentication

  • Use Test keys for development and Live keys for production.
  • Use Publishable keys (which are restricted in scope) in client-side code. Never use Secret keys (which can read or write any data).

Data management

  • Encrypt data stored outside of Radar (e.g., data sent to integrations or sent to webhooks and stored in a data warehouse).
  • Do not send any PII, like names, email addresses, or publicly available IDs, to the Radar SDK or API. See also privacy best practices.

Did this help answer your question?

thumbs up
thumbs down

Thanks for the feedback! 🙏🏽


Help by drift