Security

No other way of hosting Ghost is more secure than our system. The cheapest method of hosting, shared hosting, is obviously the least secure. If one account on the server is hacked then all the other accounts can be accessed. VPS hosting and dedicated hosting doesn’t have these problems, but these are only secure if you have someone in your team who has the experience to implement proper security measures. The system used by Ghost(Pro) uses Salt servers, which were hacked into in May 2020 (the servers have since been patched).


Physical Security

The first level of security is at the level of the cloud provider. Your blogs will be running on a Kubernetes cluster which is hosted and managed inside a high security data center run by Google. This uses biometric identification, metal detectors, high-resolution CCTV, vehicle barriers and laser-based intrusion detection systems to provide a complete physical barrier.


“We aggressively limit and actively monitor the activities of employees who have been granted administrative access to the infrastructure and continually work to eliminate the need for privileged access for particular tasks by providing automation that can accomplish the same tasks in a safe and controlled way. This includes requiring two-party approvals for some actions and introducing limited APIs that allow debugging without exposing sensitive information. Google employee access to end user information can be logged through low-level infrastructure hooks. Google's security team actively monitors access patterns and investigates unusual events.”

Hardware Security

Hardware used inside the data center has its own security system: servers and peripherals have a custom-designed chip so that they can be identified as genuine Google devices before they are added to the network. Hard drives used to store data are identified used are wiped twice before being able to leave the facility; any units which can’t be wiped properly are shredded.

Kubernetes Security

In our system each user is isolated from the other users and all users are isolated from the rest of the data center inside a Kubernetes cluster. While Kubernetes is, itself, very secure, we implement several levels of deeper security measures to harden the attack surface still further.