We take security seriously. This article addresses some of the common questions we receive regarding security. If we are missing anything in this article, or you would like to report a security related concern, please send us an email to security@hostifi.com to let us know.
OS and Application Security Updates
We stay up-to-date on OS and application updates for all servers
HostiFi Website
We use Cloudflare Web Application Firewall
All account passwords are stored securely in a hashed format
The website does not store any passwords to your UniFi or UNMS server once you have changed your credentials on that server
SSH Access
We use public key authentication instead of password based authentication
We use Duo for 2FA on all of our SSH accounts
Application Logins
We do not have an admin account on your servers
We recommend securing your UniFi and UNMS logins with 2FA
Backup and Disaster Recovery
More info on our Backup and Disaster Recovery policy here.
Internal
Our employees are trained on security best practices
We use long random passwords
We use 1Password and discourage password reuse
We use 2FA for all of our accounts wherever possible