Security and Abuse Controls

Secure infrastructure access with visible guardrails

DevCloudDesk is designed for authorized DevOps work. We publish our safeguards so customers, email providers, and payment partners can review how we reduce abuse risk.

Authorized access only

Customers may connect only servers, accounts, cloud projects, and environments they own or have explicit permission to administer.

Role and permission controls

Workspace roles, scoped access, and plan limits are used to restrict who can view servers, open sessions, manage files, deploy, or administer billing.

Encrypted transport

Website, application, API, and agent communication use encrypted channels. Sensitive credentials are never stored in plain text.

Audit and activity logs

Infrastructure actions, account events, file operations, deployments, and security-relevant events are logged for investigation and customer review.

Abuse monitoring

Suspicious access patterns, excessive automation, repeated failures, and reports from third parties may trigger throttling, investigation, or suspension.

Transactional email only

DevCloudDesk email is limited to account, billing, security, support, and system alert messages. Customers cannot use the platform to send arbitrary or bulk email.

Abuse response process

Reports can be sent to abuse@devclouddesk.com. We review credible reports, preserve relevant logs, contact the workspace owner when appropriate, and may disable sessions, revoke access, or suspend accounts while an investigation is active.

Email and notification policy

System emails are transactional: sign-in verification, password reset, billing notices, security alerts, service alerts, and support replies. Marketing messages require opt-in consent and include opt-out instructions. DevCloudDesk does not provide SMTP relay or customer-controlled bulk emailing features.

Review email and anti-spam policy

Explicitly prohibited activity

  • Unauthorized access, scanning, exploitation, credential theft, or attempts to control systems without permission.
  • Malware distribution, phishing, spam, botnet activity, command-and-control behavior, or abuse of compromised infrastructure.
  • Using DevCloudDesk as a proxy, anonymizer, tunneling service, public file host, scraping platform, or bulk message sender.
  • Uploading illegal content, stolen data, malicious scripts, or material that violates third-party rights.