Hello from SecretHub

By now, you’ve heard the news. SecretHub, the company I founded in 2014, is joining 1Password. I’ve shared my thoughts and next steps with SecretHub customers – without whom I wouldn’t be here – but today I want to address you, 1Password customers.

I’ll start by saying this:

Boy, it’s good to be here. Let me tell you why.

The SecretHub story

The first product we built at SecretHub was a secure, end-to-end encrypted file syncing service. While working on that application, we ran into an interesting problem.

Like everyone else, we were deploying more frequently than ever before, sometimes multiple times a day. And like every cloud application, our software needed a handful of credentials to access a database and a few APIs. But where to put those credentials?

We had two options. We could put the secrets in our code (or somewhere else where they would be visible to a number of people) but that would leave them exposed. Or we could restrict access to one person (me) and manually input the credentials each time we deployed.

Choosing security over speed, we opted for the manual route. I didn’t like having to choose between speed and security, so I started looking for solutions… only to realize that what I was looking for didn’t exist at the time.

So, much like Dave Teare and Roustem Karimov built 1Password to solve their own password management problem way back in 2005, we scratched our own itch and built the secrets management platform we desperately needed ourselves. SecretHub was born.

Building for developers

Our mission was to bring great secrets management to every business, of every size and every budget. To accomplish that, SecretHub needed a killer user experience, including a proper interface.

That required more resources than we had at the time, so we focused instead on building a great tool for people who don’t particularly need an interface: software engineers. By focusing on developers, we could forego the visual experience and build great command-line tools.

That focus allowed us to think like developers, and for the questions we were asking to evolve. How do you deliver a secret from a central store to the application itself in a way that requires almost no changes or implementation effort? How do you do it in a way that’s consistent across all your environments, whether it’s development or production, or whether you’re working locally or in CI/CD, or on AWS?

Creating a consistent experience wasn’t just about usability; it also saved a ton of resources. By simplifying and standardizing, you free up a lot of time that IT would’ve otherwise spent doing training, integration, and maintenance. Not to mention drastically reducing incident response time.

What we can accomplish, together

If you build a company that focuses on solving developer problems with simple, elegant command-line tools, but dream of having the resources to build a world-class user experience, who better to join forces with than 1Password?

We’d been a 1Password business customer for years. We knew what 1Password was: an exceptional user experience built on an uncompromising security architecture. The technical bits all fit.

More importantly, the philosophical stars aligned, too.

1Password believes that good security starts with making the most secure thing to do the easiest thing to do. Unfortunately, 96 percent of developers recognize that there’s a fundamental disconnect between security and productivity, according to a 2020 ShiftLeft report.

And they’re right. There are always competing priorities, and security is usually the first thing to be cut in the pursuit of speed and agility. But by making it easier to do the secure thing than to do the insecure thing, you enhance security and eliminate bottlenecks.

That’s what Secrets Automation does. It enables organizations not just to move faster without compromising security, but to move faster precisely because you’re enhancing security. As someone who’s been in this game for a while, that’s exciting. It changes everything.

Now, let’s get to work.

Director of Engineering, Developer Products

Marc Mackenbach - Director of Engineering, Developer Products Marc Mackenbach - Director of Engineering, Developer Products

Tweet about this post