Embedded Files
ATEK uses cloud computing technologies to offer the security and reliability of its solutions to its customers. By subcontracting hosting to companies specializing in IT infrastructure, this allows the ATEK team to concentrate its efforts on developing and maintaining the functionalities of the ATEK platform.
Server hosting
Server hosting
We use Google Cloud Platform infrastructure to host our servers, giving us Google's renowned reliability and security. The servers are located in the Montreal area, Canada. To learn more about the security of our solution, please visit the following link: https://cloud.google.com/security/ .
Google Cloud is a recognized and approved host for the public sector in Canada. For more details please visit the following link: Google Cloud for the Canadian public sector
Database backups
Database backups
The database is backed up every hour. Backup copies are taken at 17:13 UTC. Daily backup copies of the database are kept for 1 day, weekly copies are taken on Saturday and kept for 4 weeks. Finally, monthly copies are taken on the last day of the month and kept for 12 months.
The database is located in Montreal, Canada.
Web server
Web server
The NGINX web server is the only gateway to the web platform. It acts as a firewall because all the servers are hidden behind this proxy. This server is used to:
Redirect traffic to the correct server: that of the application or that of the sensors
Balance traffic between servers based on the volume of connections
Offer the secure SSL connection “https://”
Allow certain IP address ranges to connect (whitelist, blacklist)
Server-side session authentication
Server-side session authentication
Users require authentication to access the platform and data. This authentication is kept on the server side in order to prevent other computers from taking control of the API. After 3 hours of inactive user interaction, the session is destroyed and the user must re-authenticate.
Password Preservation
Password Preservation
No password is saved in the database. Passwords require a minimum of 8 characters that must contain at least:
a capital letter,
a tiny one
a number
a special character
We use the “hash & salt” technique and only keep the mathematical encrypted result of the password. It is therefore not possible for administrators, company employees or potential hackers to view or steal user passwords.
User roles
User roles
There are 3 types of users with different permissions:
A dmin Complete
Group Admin
Standard User
User traceability
User traceability
All calls to the API by users on the platform are recorded, to ensure traceability of configuration changes.
Control of physical facilities
Control of physical facilities
Only properly trained and accredited ATEK employees are permitted to access infrastructure equipment and must document their activities with security before and after accessing the site.
All ATEK infrastructures are protected against failures by using redundant and highly available systems, often in an N+2 configuration. These protections include the following systems:
Fire detection, suppression, and alert
Power and redundancy monitoring with automatic failover
Temperature control, monitoring and alert
ATEK's infrastructure resides in data centers with a long history of competent, comprehensive security procedures. Facilities have extensive perimeter intrusion protection measures using biometrics and other physical security measures to restrict access to the data center themselves as well as sections on the data center floor.
Service Level Agreement (SLA)
Service Level Agreement (SLA)
ATEK uses commercially reasonable efforts to maximize the availability of its services and provide a minimum of 99.9% availability excluding maintenance windows and scheduled outages.
Accreditation and compliance
Accreditation and compliance
ATEK's infrastructure is hosted in a variety of data centers, to ensure the fastest and most secure transmission of data between platforms. Our infrastructure partners hold several accreditations including: ISO 27001, SSAE16 SOC- 1 Type II / ISAE 3402, SOC 2 & SOC 3, PCI Level 1, FISMA moderate
CONFIDENTIALITY OF INFORMATION
CONFIDENTIALITY OF INFORMATION
Separating user data (client employees) from the ATEK platform.
No personal patient data is recorded in the ATEK platform.
Unrecorded data is data that cannot be exploited by malicious people.
Page updated
Report abuse