A: Some include: using SSH key authentication rather than weak password auth, ensuring only necessary ports are open, handling secrets (e.g. in GitHub Actions), and likely using least-privilege access. The blog mentions that they used password auth but plan to look at SSH key auth for better security.