> ## Documentation Index
> Fetch the complete documentation index at: https://docs.lineserve.net/llms.txt
> Use this file to discover all available pages before exploring further.

# Security and Compliance

> Security controls, encryption, and compliance coverage.

Lineserve Cloud Servers use layered security across compute, network, and storage with regional data residency controls.

## Encryption

* At rest: AES-256 for all storage volumes.
* In transit: TLS 1.3 for API and management traffic.
* SSH keys: RSA 4096-bit or Ed25519 supported.
* Key management: Bring your own keys (BYOK) via KMS.

## Network security

* Always-on DDoS protection up to 10 Gbps.
* Stateful security groups with ingress and egress rules.
* Private VPC isolation with optional VPN and NAT gateway.

## Access control

* Role-based access control (RBAC) and IAM policies.
* MFA for console access.
* Scoped API tokens with expiration.
* Audit logs and IP allowlists.

## Compliance and data residency

* ISO 27001, ISO 27017, SOC 2 Type II, PCI DSS Level 1.
* GDPR, NDPR (Nigeria), POPIA (South Africa), Kenya DPA.
* Additional regional coverage: Egypt DPL, Tanzania DPA, Uganda DPA, Rwanda DPL, Ghana DPA.

Data stays within the selected region for sovereignty and compliance requirements.