I'd say using Public Key Encryption tools where only the person you intend to be able to decrypt the data can decrypt it. It's just based on asymmetric encryption where you encrypt the data with the recipient's public key. Then you don't even need a secure way to send them the data, which is of course the beauty of PKE.
For the added security and between devs, I would definitely look into this. But tbh, I even had to work with a client's dev who complained about using SSH keys... (extreme scenario lol) Depending of the person/client I'm in contact with, just asking for a Google API key can be a hassle so I wouldn't risk adding any level of complexity 😅
Google has a way to encrypt emails, so that might be a [less secure] way that can work for less technical people, or you could just send them the actual script commands to use for managing an SSH key, and decrypting a file with it, if they're not sure how.
I'd say using Public Key Encryption tools where only the person you intend to be able to decrypt the data can decrypt it. It's just based on asymmetric encryption where you encrypt the data with the recipient's public key. Then you don't even need a secure way to send them the data, which is of course the beauty of PKE.
Thanks for the share Ferguson 🔒
For the added security and between devs, I would definitely look into this. But tbh, I even had to work with a client's dev who complained about using SSH keys... (extreme scenario lol) Depending of the person/client I'm in contact with, just asking for a Google API key can be a hassle so I wouldn't risk adding any level of complexity 😅
Google has a way to encrypt emails, so that might be a [less secure] way that can work for less technical people, or you could just send them the actual script commands to use for managing an SSH key, and decrypting a file with it, if they're not sure how.
That’s a real good point.