We take security seriously. This article addresses some of the common questions we receive regarding security. If we are missing anything in this article, or you would like to report a security related concern, please send us an email to security@hostifi.com to let us know.

OS and Application Security Updates

  • We stay up-to-date on OS and application updates for all servers

HostiFi Website

  • We use Cloudflare Web Application Firewall

  • All account passwords are stored securely in a hashed format

  • The website does not store any passwords to your UniFi or UNMS server once you have changed your credentials on that server

SSH Access

  • We use public key authentication instead of password based authentication

  • We use Duo for 2FA on all of our SSH accounts

Application Logins

  • We do not have an admin account on your servers

  • We recommend securing your UniFi and UNMS logins with 2FA

Backups

  • Nightly backups are stored for 30 days on a private DigitalOcean Spaces bucket

Internal

  • Our employees are trained on security best practices

  • We use long random passwords

  • We use 1Password and discourage password reuse

  • We use 2FA for all of our accounts wherever possible

Did this answer your question?