DevSec For Scale Podcast – Securing Access To Sensitive Data w/ Yoav Turgeman Levi, Harmonya
In this episode of the “DevSec for Scale” podcast, Jeremy Hess interviews Yoav Turgeman Levi, a Senior DevOps Engineer at Harmonya. Yoav shares his insights on the challenges of securing developer access in modern tech environments, emphasizing the balance needed between granting necessary permissions and maintaining security. Developers often seek high-level access to avoid workflow interruptions, but such over-privileged access creates security risks, including accidental data breaches and greater exposure to social engineering attacks.
Yoav provides an overview of his career, highlighting his experience in various tech companies and his current role at Harmonya, a startup specializing in data enrichment for large companies. He discusses the importance of stringent security measures to protect sensitive data and ensure client confidentiality. Harmonya employs strategies like using separate Google Cloud projects for each client and leveraging Google Secret Manager for robust configuration and access control.
Comparing his experiences at larger organizations like Logs.io with those at startups, Yoav underscores the challenges of implementing security measures in well-established systems. He stresses the advantages of building security protocols in from the ground up in a startup environment, which can significantly ease future compliance efforts and scalability. At larger companies, retrofitting security measures can be complex and resource-intensive, as illustrated by Logs.io’s transition to a secret management system.
To wrap up, Yoav offers practical security tips for developers. He advocates for the use of multi-factor authentication (MFA) to significantly reduce the risk of phishing attacks and unauthorized access. Additionally, he recommends implementing a centralized secret and configuration management system early in the development process. This approach ensures that security measures scale efficiently with the company’s growth, avoiding the complications of retroactive implementation.