We take the security of our infrastructure seriously.
Some things we do
- We attempt a secure-by-default configuration on all of our services. This means internally we enforce 2FA, strong passwords, SSH keys and firewall off any admin access pages.
- We utilize full-disk encryption on dedicated servers that store any potentially sensitive user data.
- We enforce modern TLS cipher suites on our hostnames and enable DNSSEC on all of our domains.
- We verify our identities on keybase.io/unredacted_org
Our PGP keys
- For messaging us, you can use our messaging PGP key.
- For any message signing, we will use our Keybase PGP key.