24 lines
702 B
Markdown
24 lines
702 B
Markdown
# Encryption Standards
|
|
|
|
Encryption is applied to all data in transit and at rest across Genesis Hosting Technologies infrastructure.
|
|
|
|
## In Transit
|
|
|
|
- HTTPS via TLS 1.3 (minimum TLS 1.2 for legacy fallback)
|
|
- SFTP for all file transfers
|
|
- SSH for all administrative access
|
|
- rclone with TLS for object storage replication
|
|
|
|
## At Rest
|
|
|
|
- ZFS encryption on backup pools
|
|
- PostgreSQL encryption at the database or filesystem level
|
|
- WHMCS and DirectAdmin credentials hashed and salted
|
|
- Backups encrypted with AES-256 before remote transfer
|
|
|
|
## Key Management
|
|
|
|
- SSH keys rotated every 6 months
|
|
- Let's Encrypt certs auto-renew every 90 days
|
|
- Master encryption keys stored offline and version-controlled
|