We take the security of our infrastructure seriously.
Some things we do
- We attempt a secure-by-default configuration on all of our services. Internally, this means we enforce 2FA and strong passwords, and use zero-trust solutions to restrict access to sensitive admin & server endpoints (including SSH).
- We use full-disk encryption, protected by a strong password, on our dedicated servers that may store any potentially sensitive user data.
- We prefer modern TLS cipher suites and enforce HSTS across our hostnames when possible.
- We have enabled DNSSEC on all of our domains.
- We verify our identities on keybase.io/unredacted_org.
Our PGP keys
- For messaging us, you can use our messaging PGP key.
- For any message signing, we will use our Keybase PGP key.