Security Policy
Security posture: We apply technical and organizational controls to protect user and client data across our full service lifecycle.
1. Access and infrastructure
- Role-based access and least-privilege principles.
- Strengthened authentication in critical systems.
- Periodic review of permissions and activity.
- Basic monitoring of availability and events.
2. Data protection
- TLS encryption in transit.
- Storage with providers implementing standard security safeguards.
- Credential and secret handling in controlled environments.
3. Business continuity
- Backups for essential business data.
- Recovery procedures for incidents.
- Component updates and provider review practices.
4. Incident management
We maintain procedures to identify, contain, and remediate security incidents. Where legally required, affected parties are notified.
5. Vulnerability reporting
If you identify a potential vulnerability, contact info@infinitysunskills.com with subject "Security Report" and enough technical detail to reproduce the issue.