Lake Side Fulfillment
Back to Security Policies

Information Security and Infrastructure Policy

How we secure systems, mitigate threats, and respond to potential risks

Our organization takes the protection of digital infrastructure and customer data seriously. To that end, we maintain a unified Information Security and Infrastructure Policy that governs how we secure systems, mitigate threats, and respond to potential risks.

Infrastructure Security

All our systems, including user-facing platforms, APIs, internal services, and databases, are hosted in a secured virtual private server (VPS) environment provided by Hostinger, which offers built-in protection features such as DDoS mitigation, daily data backups, continuous threat monitoring, and automatic malware detection. These features form the foundational perimeter defenses of our infrastructure.

Web Application Firewall

In addition to the host-level protections, we also implement a Cloudflare Web Application Firewall (WAF), which acts as a critical layer to detect and block malicious traffic, including bot attacks, brute force attempts, and denial-of-service scenarios. The WAF policies include traffic rate-limiting, country-level filtering, user-agent fingerprinting, and IP reputation analysis, which ensures that illegitimate access attempts are filtered before reaching our systems.

Encryption Standards

All traffic that enters or leaves our systems is encrypted using Transport Layer Security (TLS 1.3), ensuring that data in transit is secured against eavesdropping or tampering. Internally, sensitive data such as email addresses, Discord IDs, session tokens, and access credentials are encrypted at rest using AES 256 encryption. Our infrastructure includes weekly rotation of encrypted backups, and these are also stored using encrypted file systems.

Development Security

Code deployment and updates are handled through a secured GitHub repository with two-factor authentication (2FA) required for all contributors. Continuous integration (CI) pipelines include automatic dependency checks and vulnerability scanning using tools such as npm audit and GitHub Dependabot. In this way, we maintain a rigorous infrastructure hygiene and defensive posture. Policies governing infrastructure and data security are reviewed quarterly by the Chief Technology Officer and updated if needed.

(Last Reviewed: July 6, 2025)

Approved by:
Adam Ben Allal - Lakeside Fulfillment
Date: 6 July, 2025

For any security concerns or questions about this policy, please contact:

privacy@lakesidefulfillment.com