All validator private and withdrawal authority keys are always stored on our secure private management systems which are blocked from outside access.
All validator entities and voting keys are backed up in a secure location.
All SSH sessions are always authenticated using keys stored on U2F hardware. Password authentication is disallowed.
IP access-lists are used to limit management access from authorized management locations to all of our publicly available systems and nodes.
Authentication logs are automatically audited with alerts setup for unauthorized access.
Operating systems are regularly patched with vulnerability updates.
Only necessary TCP/UDP ports are open to public access.
Services always run as an unprivileged user and are containerized when feasible.
“Root” account is never used for services or system administration.