Clients Data Security & Privacy Policy

Date Issued: 10th Jan 2019 – Date Updated: 23rd Sept 2023

Introduction:

Atompoint is dedicated to protecting the confidentiality, integrity, and availability of all client data. Our comprehensive approach to data security and privacy is designed to prevent unauthorized access, disclosure, alteration, and destruction of information.

 

Data Protection Measures:

  • Continuous Monitoring: We utilize state-of-the-art monitoring tools like Cloudnosys to continuously oversee the compliance and proper configuration of our cloud assets, ensuring real-time detection and remediation of vulnerabilities.
  • Encryption: All client data, both at rest and in transit, is encrypted using industry-standard protocols to prevent unauthorized access.
  • Security Audits and Vulnerability Assessments: Regular audits and assessments are conducted to strengthen our security posture and address potential vulnerabilities effectively.

Access Control

  • Authentication and Authorization: We implement stringent access controls, including multifactor authentication and role-based access control, to restrict data access to authorized personnel.
  • Employee Access Management: Access to sensitive data is strictly regulated and constantly reviewed to ensure only necessary personnel have access, maintaining a secure data environment.

Data Privacy Compliance

  • ISO 27001 Standards: Atompoint adheres to the ISO 27001 standards, which guide our information security management system, ensuring a systematic and consistent approach to managing sensitive company and client information.
  • Regulatory Compliance: Our practices are in strict compliance with international and local data privacy laws, including GDPR, affirming our commitment to data protection.

Incident Response and Management

  • Incident Response Plan: A comprehensive plan is in place to swiftly address and mitigate any data breach or security incident, minimizing potential impact and maintaining transparency with our clients.
  • Proactive Incident Management: With continuous monitoring, we can rapidly identify and address security threats, ensuring immediate action and communication.

Data Retention and Disposal

  • Data Retention: Client data is never migrated outside the client’s infrastructure or shared with third parties without prior approval and explicit documentation, adhering to strict data sovereignty principles.
  • Secure Disposal: We employ secure data disposal methods to prevent unauthorized access or recovery of data once it is no longer needed.

Team Level Security

  • Device and Asset Security: We take the security of company-provided laptops and devices seriously, implementing measures to protect against unauthorized access and threats.
  • Training and Awareness: Regular training sessions are conducted to keep our team up-to-date with the latest trends in cybersecurity, ensuring they adhere to our high standards and SOPs.
  • Documentation and Business Continuity: Comprehensive documentation of technical areas is maintained to support business continuity and disaster recovery, ensuring operational resilience.

Conclusion

Our Data Security and Privacy Policy is a testament to Atompoint’s unwavering commitment to safeguarding client data. By integrating advanced tools like Cloudnosys, adhering to ISO 27001 standards, and fostering a culture of continuous learning and improvement, we offer our clients the assurance that their data is in secure hands.