...
Anuta ATOM Cloud follows the tenets of security by design. While flexibility & user experience is at the forefront of the ATOM Cloud, Security remains at the heart of every component placed into its architecture. With ATOM Cloud being the custodian of customer network data, security by design combined with high resiliency helps us through all the threat vectors and gauges to strengthen ATOM Cloud’s security posture. As part of this commitment, we use secure hosting partners, industry-standard security technologies, a comprehensive set of policies and controls, and maintain a culture of security throughout ATOM Cloud.

Foundation of ATOM Cloud Security

Physical Data Center
Security

Anchored in AWS, ATOM Cloud
utilizes all physical security
controls that it offers

Multiple layers of security

Anchored in AWS, ATOM Cloud utilizes all physical security controls that it offers

Perimeter Security

Routing rules hardened based on pre-established criteria for various permissible transactions across all resources.

External & Environmental threats

Protection offered to paint, power & pipe of the data centers to ensure uninterrupted service delivery

Datacenter access

Physical access to AWS facilities is strictly limited to select AWS staff

Customer Data Security

Ensures data privacy and
data loss prevention
through best practices

Multi-tenant Infrastructure

Complete data segregation & isolation through comprehensive multi-tenancy capabilities

Virtual Private Cloud

Hosted in dedicated VPCs in a non-promiscuous mode that is further segmented for increased security and manageability.

Encryption

AES 256 bit encryption with 1,024-bit key-strength for data at rest and FIPS 140-2 compliant TLS encryption for data in transit.

Dedicated Instance

Stringent requirements will be met with dedicated application containers & instances for each tenant.

Flexible retention & Data deletion

Automated handling of customer network data & GDPR data on Anuta ATOM Cloud

Security Standards, Compliance & Risk Management

SOC2 Audit & Certification In Progress,
Risk Mitigation,
Security Controls

AICPA SOC2 Type 1 & 2

Anuta Networks is currently undergoing SOC2 audit & certification process. Anuta is being verified not only for its platform ATOM Cloud, its remote agents, cloud endpoints, but also for its internal security policies, processes, and employees.

GDPR & EU

Anuta Networks is getting ready to enable its customers who elect to process personal data on our products & website to do so by following the GDPR & applicable data protection laws. We are working to ensure that our practices and contracts are prepared to support customers who wish to include their personal and business-critical data.

ISO 27001 Security

Anuta Networks is committed to customer data protection and hence plans to get ISO 27001 information security management certified in the coming days.

24x7 risk management

Anuta Networks has engaged an InfoSec team that keeps a tab on any changes to the security posture of itself or its offerings.

ATOM Instance & Network Security

Powered by the 4C's of Cloud Native
Security- Cloud, Cluster,
Container & Code

Microservices Architecture

Every microservice runs inside a well-defined Docker container that allows specific levels of access to select controllers

Component Redundancy

Each component is deployed with full resiliency & disaster recovery mode to ensure high availability, even across multi-availability zones

Technical security compliance

Best practices for Docker & Kubernetes applied to harden the application. High visibility into images, registries, deployments & runtime ensured.

API throttling

The number of API calls is throttled (Rate limited) to mitigate application layer DDOS and Brute Force attacks.

Capacity Management

Threshold-based capacity monitoring & subsequent auto-scaling to offer on-demand capacity expansion.

Data Backup

Near real-time backups taken across multiple clusters & availability zones in encrypted and access restricted containers.

Access Management​

Supported by a secure unified
framework to offer seamless
user access management

Single Sign-On Support(SSO)

Access to ATOM Cloud via SSO powered by a per namespace OAuth2.0. OAuth2.0 relies on SSL to ensure confidentiality for data between applications & browsers.

Role-based Access Control

Fine-grained RBAC for all features within ATOM Cloud, including the User Interface. Tight Integration with Multi-tenancy for easy user provisioning & access control.

Audited account changes

IDP in ATOM Cloud comes with a rich set of auditing capabilities that records every single login & admin actions

Ecosystem Integration

Integration with LDAP, TACACs+ & AD for a robust user security

Remote Agent Security

Secure, Quick & Easy Installation,
Tenant Aware, Seamless Lifecycle
management

Secure Connectivity

All communications from the remote agent to the ATOM Cloud are TLS encrypted

No Rogue Agents

All remote agents & their configurations are signed to ensure authenticity prior to their connection to the ATOM Cloud

High Availability

Never miss out on relevant information about your network due to a broken agent.

Ease of management

Keep track of the agents at all times with Keepalives running from ATOM Cloud Agent Manager.