Security¶
Note
This page is about digital & information security.
We take security considerations very seriously. If you have any concerns please contact the Infrastructure Committee in the first instance or the Trustees.
Multi Factor Authentication¶
Multi-factor authentication (MFA) offers improved authentication when accessing online accounts by requiring that the user provide stronger proof of their identity before accessing an account.
All volunteers are encouraged to make use of multi-factor authentication on all platforms which support it. Volunteers in positions of responsibility are strongly encouraged to do so and should discuss with the Infrastructure Committee any cases where this is impractical.
Useful links:
- Discord two factor authentication
- GitHub two factor authentication
- Google two factor authentication
- Mythic Beasts two factor authentication
- Slack two factor authentication
Servers¶
Exactly what is needed to secure a given server will depend on its intended use-case, operating system and other factors. In general though we expect that:
- the firewall will block everything that's not needed
- root SSH is disabled
- password SSH is disabled (i.e: keys only)
- individuals have their own user accounts
These are included for all machines configured via our ansible config, which also creates users for members of the Infrastructure Team.