All PGP keys on all operating systems will be tracked and maintained to keep me from losing passwords to revoke them.
All security authorizations will be stored in the “keys” category. All SSH RSA keys will expire after 6 months, all email based keys will expire after one year, and all LUKS partition encryption will expire after two years.
All operating systems will need GPG installed, and will need the following set up: mail key, ssh-rsa key, and LUKS keys. All passwords, if convenient, will be handled by a third party application, to be determined. This designation excludes recovery emails for those accounts.
All data will be backed up using means that can be modified by script/API (so Google Drive isn’t an option because I don’t know how to do that). Blackbox will be used if necessary.
All browsers used will include: Mailvelope, DuckDuckGo, Omnibar, Superstart, Pocket, Buffer, Ghostery, User agent switcher, and Google Translate. All extensions will be plugged in correctly and have the necessary imported keys. Browser cache will be cleared weekly.
Required keys to have on databases include those of anyone who: I have communicated with in the past using encryption; is capable of using encryption and has been tutored in how to use said encryption; is an influential coder.
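One way to check the one-year rule for email keys against what GPG actually holds, as an added example that is not part of the original post: it parses the colon-delimited listing printed by `gpg --list-keys --with-colons` and reports keys with no expiry, keys already expired, and keys whose lifetime exceeds a year. The function names and the sample listing are constructed for illustration, and timestamps are assumed to be epoch seconds.

```python
from datetime import datetime, timedelta, timezone

MAX_LIFETIME = timedelta(days=365)  # policy: email keys expire after one year

# Constructed sample in the `gpg --list-keys --with-colons` format; key IDs and
# addresses are made up. Field 5 = key ID, 6 = created, 7 = expires, 10 = user ID.
SAMPLE = """\
pub:u:4096:1:AAAAAAAAAAAAAAA1:1704067200:1735603200::u:::scESC:
uid:u::::1704067200::X::Alice <alice@example.org>:
pub:u:4096:1:BBBBBBBBBBBBBBB2:1704067200:::u:::scESC:
uid:u::::1704067200::X::Bob <bob@example.org>:
pub:u:4096:1:CCCCCCCCCCCCCCC3:1704067200:1767139200::u:::scESC:
uid:u::::1704067200::X::Carol <carol@example.org>:
pub:e:4096:1:DDDDDDDDDDDDDDD4:1672531200:1698451200::u:::sc:
uid:e::::1672531200::X::Dave <dave@example.org>:
"""

def parse_keys(listing):
    """Return one dict per primary key (pub record) with its first user ID."""
    keys = []
    for line in listing.splitlines():
        f = line.split(":")
        if f[0] == "pub" and len(f) > 6:
            keys.append({"id": f[4], "created": int(f[5]),
                         "expires": int(f[6]) if f[6] else None, "uid": None})
        elif f[0] == "uid" and len(f) > 9 and keys and keys[-1]["uid"] is None:
            keys[-1]["uid"] = f[9]
    return keys

def audit(listing, now):
    """Return (key_id, uid, finding) for every key that breaks the expiry rule."""
    findings = []
    for k in parse_keys(listing):
        if k["expires"] is None:
            finding = "no expiry date set"
        elif k["expires"] <= now.timestamp():
            finding = "expired, renew or revoke"
        elif k["expires"] - k["created"] > MAX_LIFETIME.total_seconds():
            finding = "lifetime longer than one year"
        else:
            continue  # expiry is set, in the future, and within policy
        findings.append((k["id"], k["uid"], finding))
    return findings

if __name__ == "__main__":
    for key_id, uid, finding in audit(SAMPLE, datetime.now(timezone.utc)):
        print(f"{key_id}  {uid}: {finding}")
```

To audit a real keyring, pass the captured output of `gpg --list-keys --with-colons` to `audit` in place of `SAMPLE`.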
Operating systems are due for reinstall monthly. All operating systems must have access to the correct drivers for WiFi (hacking drivers), must have development tools installed, and must have access to Firefox. All user accounts for the system will be short and to the point, and will include common access to the LUKS home partition.
All servers are due to be virtually migrated and erased every three months. Servers will have their user accounts, ports, RSA IDs, and config files removed/audited monthly to reevaluate their security.
I had more but I forgot. How’s that for a security policy?