Page:
Encryption Standards
Pages
📊 Genesis Radio Infrastructure Overview
🚀 Genesis Radio - Healthcheck Response Runbook
Account Creation Policy
Account Deletion Policy
Backup Integrity
Backup Policy
Disaster Recovery Plan
Encryption Standards
GROWL — Genesis Radio Commit Style Guide
Genesis Hosting Technologies Planned Database Expansion
Genesis Radio Internal Architecture Map
Home
Infrastructure Overview
Least Privilege Policy
Maintenance Window Policy
Provisioning and OnBoarding
Terms of Service (TOS)
User Roles
Clone
1
Encryption Standards
doctator edited this page 2025-05-02 20:51:30 +00:00
Table of Contents
Encryption is applied to all data in transit and at rest across Genesis Hosting Technologies infrastructure.
In Transit
- HTTPS via TLS 1.3 (minimum TLS 1.2 for legacy fallback)
- SFTP for all file transfers
- SSH for all administrative access
- rclone with TLS for object storage replication
At Rest
- ZFS encryption on backup pools
- PostgreSQL encryption at the database or filesystem level
- WHMCS and DirectAdmin credentials hashed and salted
- Backups encrypted with AES-256 before remote transfer
Key Management
- SSH keys rotated every 6 months
- Let's Encrypt certs auto-renew every 90 days
- Master encryption keys stored offline and version-controlled