We take security seriously. This article addresses some of the common questions we receive regarding security. If we are missing anything in this article, or you would like to report a security related concern, please send us an email to security@hostifi.com to let us know.

OS and Application Security Updates

  • We stay up-to-date on OS and application updates for all servers

HostiFi Website

  • We use Cloudflare Web Application Firewall
  • All account passwords are stored securely in a hashed format
  • The website does not store any passwords to your UniFi or UNMS server once you have changed your credentials on that server

SSH Access

  • We use public key authentication instead of password based authentication
  • We use Duo for 2FA on all of our SSH accounts

Application Logins

  • We do not have an admin account on your servers
  • We recommend securing your UniFi and UNMS logins with 2FA

Backups

  • Nightly backups are stored for 30 days on a private DigitalOcean Spaces bucket

Internal

  • Our employees are trained on security best practices
  • We use long random passwords
  • We use 1Password and discourage password reuse
  • We use 2FA for all of our accounts wherever possible
Did this answer your question?