We value your privacy. We use cookies and similar technologies to improve your experience, maintain site security, and enable our support chat.
Essential cookies are always active. Analytics and marketing cookies require your consent. Learn more
Detailed documentation, strategic guides, and security explainers to help you manage your digital infrastructure.
Step-by-step protocols for when systems go down or a breach is detected.
Why the old 'castle and moat' security model is dead, and what replaces it.
Essential tools for the company of one to operate like a company of ten.
Preparing your operational processes for your first security audit.
How to spot sophisticated email attacks that bypass spam filters.
Copy-paste policy for managing device procurement and e-waste.
Technical manuals and live system status for active clients. These resources are maintained by our engineering team.
A security system that requires more than one method of authentication from independent categories of credentials to verify the user's identity.
A strategic initiative that helps prevent successful data breaches by eliminating the concept of trust from an organization's network architecture.
Any remote computing device that communicates back and forth with a network to which it is connected (e.g., laptops, phones).
A commitment between a service provider and a client. Particular aspects of the service – quality, availability, responsibilities – are agreed between the service provider and the service user.
Any outage affecting >50% of users, a confirmed data breach, or active ransomware attack. P1 incidents trigger our 15-minute SLA response protocol.
We maintain a responsible disclosure program. Please email security@humaneers.co (PGP key available in Colophon) with details. We do not offer bounties but we publicly credit researchers.
Security logs are retained for 365 days in cold storage (immutable). Operational logs are cycled every 30 days.
