Atlas Logic

Security at Atlas Logic

Understand our security and compliance strategy

Our Commitment

Security is foundational to everything we build at Atlas Logic. As a platform that helps organizations achieve ISO 27001:2022 compliance, we hold ourselves to the highest security standards. Your trust is our most important asset, and we invest heavily in protecting your data, systems, and privacy.

Encryption at Rest

All customer data is encrypted at rest using AES-256 encryption. Database volumes, backups, and file storage are fully encrypted to ensure data confidentiality even in the event of physical media compromise.

Encryption in Transit

All data transmitted between your browser and our servers is protected with TLS 1.3+. API communications, webhook payloads, and inter-service traffic are all encrypted end-to-end.

Private Key Management

Cryptographic keys are managed through a dedicated key management service with automatic rotation. Private keys are never stored alongside encrypted data and are protected by hardware security modules (HSMs).

Customer Data Repository

Each organization's data is logically isolated in our multi-tenant architecture. Strict access controls ensure that your compliance documents, evidence files, and audit records are accessible only to authorized members of your organization.

Infrastructure Security

Our platform is hosted on SOC 2 Type II certified cloud infrastructure with redundant availability zones. We employ network segmentation, intrusion detection systems, and continuous monitoring to protect against unauthorized access.

Access Controls & Audit Logging

Role-based access control (RBAC) ensures users only access what they need. Every action is recorded in immutable audit logs, providing a complete trail of who did what and when for your compliance records.

Compliance & Certifications

Atlas Logic continue to focus on SOC 2 Type II compliance and the ISO 270001 certification. We undergo regular third-party penetration testing and vulnerability assessments to validate our security posture.

Incident Response

We maintain a documented incident response plan with defined SLAs for notification. In the event of a security incident, affected customers are notified promptly with full transparency on scope, impact, and remediation steps.

Data Residency

Customer data is stored in geographically redundant data centers. Enterprise customers can request specific data residency configurations to meet regional regulatory requirements such as GDPR or data sovereignty laws.

Responsible Disclosure

We welcome reports from security researchers. If you discover a vulnerability, please contact us responsibly at security@atlaslogic.io. We commit to acknowledging reports within 24 hours and providing regular updates on remediation progress.

Questions?

For security-related inquiries, contact our security team at security@atlaslogic.io