Atomia and security
This is a very legit question as Atomia is handling a bunch of stuff your company is making money on.
Let us start first with the fact that our developers take security very high in every line of the code they produce. Furthermore every single line of code produced by any developer has to pass several checks by other developer. This way we make sure that nothing is being overseen.
But, with so many code we also perform regular audits by third parties - just to be safe and to keep us on our toes.
Atomia relies on world proven technologies. Our platform utilizes Apache, PHP, MySQL, Dovecot, Postfix and many other software - but we keep it all of it original and only apply our changes to the configuration not messing up with the source code of any of that software. This allows us, in case that any critical bug in the software itself may arise that we are able to patch it as soon as patch becomes available. And as we deploy all of our services (yes, even configuration settings) through Puppet it is rather painless process to bulk update any number of servers running on your premises.
Beside our bi-yearly software update release, we are daily evaluating any potential threats such as 0-day leaks and schedule them either for near-immediate patching cycle or for the next bi-yearly release depending on the impact of the leak.
Operating system security
Security of end customer services
Atomia sysdevs are also making sure that any services that are deployed for your end customers will remain safe and sound. For example making sure that within our clustered shared hosting no noisy neighbors will arise, additional securing of databases by placing them in private network ranges only (still manageable through centralized web application such as PHPMyAdmin) and more.
All of the end customer exposed web services are centralized as well. For example webmail or PHPMyAdmin. This allows us to use always latest version as there is only one instance that needs to be updated.