Atomia and security

This is a very legit question as Atomia is handling a bunch of stuff your company is making money on.

Let us start first with the fact that our developers take security very high in every line of the code they produce. Furthermore every single line of code produced by any developer has to pass several checks by other developer. This way we make sure that nothing is being overseen.

But, with so many code we also perform regular audits by third parties - just to be safe and to keep us on our toes.

Software security

Atomia relies on world proven technologies. Our platform utilizes Apache, PHP, MySQL, Dovecot, Postfix and many other software - but we keep it all of it original and only apply our changes to the configuration not messing up with the source code of any of that software. This allows us, in case that any critical bug in the software itself may arise that we are able to patch it as soon as patch becomes available. And as we deploy all of our services (yes, even configuration settings) through Puppet it is rather painless process to bulk update any number of servers running on your premises.

Beside our bi-yearly software update release, we are daily evaluating any potential threats such as 0-day leaks and schedule them either for near-immediate patching cycle or for the next bi-yearly release depending on the impact of the leak.

Operating system security

We have established best practices regarding tightening security on all of the operating systems Atomia requires for it´s operations. Therefore in case that we perform installation we will make sure only bare necessity of services will be running and those that are required will be tightened to the needs of Atomia and supporting services, making sure no unnecessary code or service will remain active. In case that you have chosen to perform installation yourself we will supply you with detailed documentation how to perform installation and which measures should be taken into consideration during installation.

Proactive monitoring

As a part of our Atomic support we also perform proactive monitoring on vast amount of points making sure that your Atomia installation is not only safe, but also performing to the standards. Any issue reported by our monitoring will be picked up 24/7 by our technical staff making sure that you - and your end customer service may run smoothly and uninterrupted.

Security of end customer services

Atomia sysdevs are also making sure that any services that are deployed for your end customers will remain safe and sound. For example making sure that within our clustered shared hosting no noisy neighbors will arise, additional securing of databases by placing them in private network ranges only (still manageable through centralized web application such as PHPMyAdmin) and more.

All of the end customer exposed web services are centralized as well. For example webmail or PHPMyAdmin. This allows us to use always latest version as there is only one instance that needs to be updated.