Security / SEC-005
Security Standard

SEC-005 — Platform Access & Ownership

Defines approved platform identities, ownership boundaries, least privilege, and the current Cloudflare baseline.

Document: SEC-005Type: StandardStatus: ApprovedOwner: Cloudberrie Leadership & EngineeringVersion: 4.2.0Updated: 2026-07-17

Platform Ownership Matrix

Platform functionApproved identityPurpose
Google Workspace administrationadmin@cloudberrie.comIdentity and Workspace administration
Cloudflare platform ownershipaccounts@cloudberrie.comInfrastructure continuity, billing and recovery
GitHub organization administrationcb-engopsEngineering administration and organization ownership
Git commit identityengineering@cloudberrie.comTemporary company attribution until individual engineers are onboarded
Security correspondencesecurity@cloudberrie.comSecurity alerts where supported

Access Principles

  • Aliases are communication endpoints, not independent Google login identities.
  • Use individual accounts and delegated permissions when employees are onboarded.
  • Do not share the cb-engops personal account among multiple employees.
  • Use least privilege and repository-, project-, or account-scoped access.
  • Review Tier 1 access quarterly and immediately after role changes.

Cloudflare Current State

Legal ownerCloudberrie Studio India LLP
Loginaccounts@cloudberrie.com
Account creation modelEmail and password; not tied to the deleted empty Google-connected profile
Infrastructure display timezoneUTC
ResourcesNo domain zone or Pages deployment at the v4.2 baseline
Next approved actionAdd cloudberrie.com, review DNS records, then deploy cb-website