Security
A short, honest summary of how Netru itself operates. We hold ourselves to the same standards we ship for clients. Detail to follow.
MFA everywhere. SSO via a hosted IdP. Hardware tokens (FIDO2) for admin and root accounts. Passwords managed in a team password manager; no shared logins.
Full-disk encryption on every device. Patch management via OS-managed updates with a documented review cadence. EDR on engineering laptops.
Vendor inventory maintained with risk classification, data flows, and contract review. Customer data handled under documented retention and deletion policies.
Backups for client deliverables and operational systems, tested. Incident response plan documented and tabletop-tested annually.
Found a security issue with anything we operate? Email contact@ip-four.co.uk with the word “Security” in the subject. We aim to respond within one business day.
Stub. Will be expanded as the public-facing security programme matures.
