We take the security of our validators very seriously, especially on Solana Mainnet-Beta.
Our mainnet server is in an enterprise-grade data centre in Utah, USA. The data centre itself has standard access control measures in place, as well as state of the art climate control and power and network backups.
Access to the server is restricted by SSH keys, password login is entirely disabled. Further we operate a strict firewall with no ports outside of those required for Solana and SSH being open.
The keys used to operate a validator are comprised of a validator identity key and a vote account key. Both keys must remain on the server and be accessible by the runtime.
However to protect funds and prevent malicious changes to commissions in the case the server is compromised, the authorized withdraw authority of the vote account is a separate key that is stored on a hardware wallet.
We have a custom real-time monitoring system that operates from a physically separate server and checks all our validators continously for delinquency, in case delinquency is confirmed for two continuous minutes we receive immediate SMS and Slack notification alerts, which continue until delinquency is resolved.