Placing a company's data in the cloud requires guarantees. At Athento, we use data centers to offer the best cloud environments with guarantees in terms of security, redundancy, safe access, safe environments and network security, among others, all required to ensure the safety of the client's documents.
The cloud server environments we use are built on ISO 27001-certified platforms. They have also been awarded the AFNOR standard for information security. The data is located in servers within the European Union, thus falling under the jurisdiction of EU law and in compliance with the Spanish Data Protection Act.
Our storage has the following security measures installed:
Multiple replication
Multiple file integrity checks
Transfers are only carried out using secure protocol
Immediate fixing of failed resources in minutes
The cloud infrastructure that hosts Athento has a capacity for more than a million servers located in 11 data centers in 3 European locations. Only authorized employees can physically access the servers. The data centers are protected 24/7 by a security card control system, alongside video surveillance and on-site security staff. The facilities are equipped with the latest in fire detection and extinguishing systems. Furthermore, the data centers have a technical team that is constantly on site, ready to act as soon as a failure in any of the servers is identified.
Other security measures
Safe access: It is not possible to access Athento without a username and password previously registered on the system. It is the responsibility of the user to ensure the confidentiality of these access credentials. Athento also offers the option of controlling access to specific documents with the "Access Permission" option, which makes a document either accessible or inaccessible to groups, roles and users.
Daily backups: Athento's team carries out daily backups of the information on the Athento Cloud.
SSL access: This allows for data transmissions to be encrypted using SSL. SSL (Secure Socket Layer) is used to make the transmission of data via the Internet secure, as it encodes and protects the data transmitted using the HTTPS protocol. SSL provides website users with a guarantee that their data will not be fraudulently intercepted.
Compliance with personal data protection legislation: We comply with Spanish regulations regarding the Spanish Data Protection Law. Data Protection Law will soon be the same for the whole of Europe, making it compulsory for Athento to comply with this new legislation.
Online payment security: Online payments are done via PayPal, which complies with PCI DSS (Payment Card Industry Data Security Standard).
Compliance with SOX law (Sarbanes-Oxley): The provider of our cloud infrastructure has been awarded the following levels: SOC* 1 Type I (SSAE 16 and ISAE 3402)** and SOC 2 Type I.
ISO 27002 for service: The provider of our cloud infrastructure works in line with ISO 27002 and ISO 27005 standards for security management and risk assessment and related procedures.
ISO 27001 security certification: The supplier of our cloud infrastructure has been awarded ISO 27001:2005 certification for supplying and operating dedicated cloud infrastructures.