bin-there-done-that/documents/genesishosting/security/security-policy.md

# Security Policy

Genesis Hosting Technologies enforces strict security practices across all infrastructure and services to protect client data and maintain service integrity.

## Core Principles

- Least privilege for all users and services
- Regular audits and patching
- Encrypted communication and storage
- Real-time monitoring and alerting

## Enforcement Areas

- 2FA required for all admin portals
- SSH access limited to key-based logins
- Centralized log collection and review
- All critical assets monitored via Genesis Shield

## Review Cycle

- Policies reviewed quarterly
- Logs retained for 30–90 days depending on system
- Incidents reviewed post-mortem with improvements logged
-												Auto-commit from giteapush.sh at 2025-05-09 16:35:15

											
										
										
											2025-05-09 16:35:15 -04:00
+								# Security Policy
 								Genesis Hosting Technologies enforces strict security practices across all infrastructure and services to protect client data and maintain service integrity.
 								## Core Principles
 								- Least privilege for all users and services
 								- Regular audits and patching
 								- Encrypted communication and storage
 								- Real-time monitoring and alerting
 								## Enforcement Areas
 								- 2FA required for all admin portals
 								- SSH access limited to key-based logins
 								- Centralized log collection and review
 								- All critical assets monitored via Genesis Shield
 								## Review Cycle
 								- Policies reviewed quarterly
 								- Logs retained for 30–90 days depending on system
 								- Incidents reviewed post-mortem with improvements logged