XML 20 R10.htm IDEA: XBRL DOCUMENT v3.25.1
Cybersecurity Risk Management and Strategy Disclosure
 12 Months Ended
Dec. 31, 2024
Cybersecurity Risk Management, Strategy, and Governance [Abstract]  
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block] Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure 

We recognize the importance of identifying, assessing and managing material risks associated with cybersecurity threats. We maintain an information technology and cybersecurity program appropriate for a company our size, taking into account our operations and risks.

 

Risk Management and Strategy

 

Our cybersecurity risk management approach includes:

 

  A flat network infrastructure powered by Ubiquiti (UBNT) equipment
     
  Unified firewall and security management through our UDM Pro device
     
  Remote access controlled via L2TP VPN with pre-shared key authentication
     
  Regular data backups using RoboCopy, scheduled daily at 2pm EST
     
  Physical security through UniFi Access control system and ADT security cameras covering the entire building

 

We utilize third-party services for certain technology functions, including Microsoft 365 for email, GoDaddy for web hosting, and CodeTwo for email signatures. While we depend on the digital technologies of these third parties, we monitor our systems to protect against unauthorized access.

 
Cybersecurity Risk Management Processes Integrated [Flag] true
Cybersecurity Risk Management Processes Integrated [Text Block] We maintain an information technology and cybersecurity program appropriate for a company our size, taking into account our operations and risks.
Cybersecurity Risk Management Third Party Engaged [Flag] true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] true
Cybersecurity Risk Board of Directors Oversight [Text Block] Our Board of Directors is responsible for overseeing cybersecurity risks. Management, led by our IT department, is responsible for the operational oversight of the company-wide cybersecurity strategy and standards. Administrative access to our critical systems is limited to authorized personnel and documented in our IT inventory.

Given our size and operations, we maintain administrative controls including:

 

  Defined administrator accounts with appropriate access levels
     
  Documentation of system access credentials
     
  Regular updates to firmware on network infrastructure (current versions documented)
     
  Backup verification and monitoring

 

Cybersecurity Risks

 

As of April 15, 2025, we are not aware of any cybersecurity threats, including as a result of any previous cybersecurity incidents, that have materially affected our business strategy, results of operations, or financial condition, or are reasonably likely to have such a material effect. However, like all organizations, we face potential risks from cybersecurity threats which could materially affect our operations or financial condition if they were to occur.

 

Areas for potential improvement in our cybersecurity posture include upgrading our WiFi access points, and implementing a cloud backup solution to complement our current on-site backup strategy.