ATEK Docs

Cybersecurity

ATEK uses cloud computing technologies to offer the security and reliability of its solutions to its customers. Subcontracting hosting to companies specializing in IT infrastructure allows the ATEK team to concentrate its efforts on developing and maintaining the functionalities of the ATEK platform.

Server hosting

We use Google Cloud Platform infrastructure to host our servers, giving us Google’s renowned reliability and security. The servers are located in the Montreal area, Canada. To learn more about the security of our solution, please visit the following link: https://cloud.google.com/security/.

Google Cloud is a recognized and approved host for the public sector in Canada. For more details, please visit the following link: Google Cloud for the Canadian public sector.

Database backups

The database is backed up every hour. Backup copies are taken at 17:13 UTC. Daily backup copies of the database are kept for 1 day; weekly copies are taken on Saturday and kept for 4 weeks. Finally, monthly copies are taken on the last day of the month and kept for 12 months.

The database is located in Montreal, Canada.

Web server

The NGINX web server is the only gateway to the web platform. It acts as a firewall because all the servers are hidden behind this proxy. This server is used to:

  • Redirect traffic to the correct server: that of the application or that of the sensors

  • Balance traffic between servers based on the volume of connections

  • Offer the secure SSL connection “https://”

  • Allow certain IP address ranges to connect (whitelist, blacklist)
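
The four roles listed above can be sketched as one NGINX configuration. This is an added example, not ATEK's actual configuration: the hostname, backend addresses, ports, certificate paths, allowed range and the choice to route sensor traffic by URL path are all assumptions.

```nginx
# Added example: every name, address, port and path below is an assumption.
events {}

http {
    # Balance by connection volume: least_conn picks the backend with the fewest active connections.
    upstream app_servers {
        least_conn;
        server 10.0.1.10:8080;
        server 10.0.1.11:8080;
    }
    upstream sensor_servers {
        least_conn;
        server 10.0.2.10:9000;
        server 10.0.2.11:9000;
    }

    # Plain HTTP is never served; it only redirects to HTTPS.
    server {
        listen 80;
        server_name platform.example.com;
        return 301 https://$host$request_uri;
    }

    server {
        listen 443 ssl;
        server_name platform.example.com;
        ssl_certificate     /etc/nginx/tls/platform.example.com.crt;
        ssl_certificate_key /etc/nginx/tls/platform.example.com.key;
        ssl_protocols       TLSv1.2 TLSv1.3;

        # Allowlist: rules are checked in order and the first match wins.
        allow 203.0.113.0/24;   # documentation prefix standing in for a customer range
        deny  all;

        # Route sensor traffic to the sensor backends, everything else to the application.
        location /sensors/ {
            proxy_pass http://sensor_servers;
            proxy_set_header Host $host;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        }
        location / {
            proxy_pass http://app_servers;
            proxy_set_header Host $host;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        }
    }
}
```

The allow and deny rules match the address of the connecting peer, so if another load balancer sits in front of NGINX the real client address has to be restored first (for example with the realip module) or the allowlist will match the load balancer instead of the client. Running nginx -t checks the syntax before a reload.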

Server-side session authentication

Users require authentication to access the platform and data. This authentication is kept on the server side in order to prevent other computers from taking control of the API. After 3 hours of user inactivity, the session is destroyed and the user must re-authenticate.

Password storage

No password is saved in the database. Passwords must be at least 8 characters long and contain at least:

  • a capital letter

  • a lowercase letter

  • a number

  • a special character

We use the “hash & salt” technique and keep only the resulting hash of the password, never the password itself. It is therefore not possible for administrators, company employees or potential hackers to view or steal user passwords.

User roles

There are 3 types of users with different permissions:

  1. Admin Complete

  2. Group Admin

  3. Standard User

User traceability

All API calls made by users on the platform are recorded to ensure traceability of configuration changes.

Control of physical facilities

Only properly trained and accredited ATEK employees are permitted to access infrastructure equipment, and they must document their activities with security before and after accessing the site.

All ATEK infrastructure is protected against failures by redundant and highly available systems, often in an N+2 configuration. These protections include the following systems:

  • Fire detection, suppression, and alert

  • Power and redundancy monitoring with automatic failover

  • Temperature control, monitoring and alert

ATEK’s infrastructure resides in data centers with a long history of competent, comprehensive security procedures. Facilities have extensive perimeter intrusion protection measures, using biometrics and other physical security measures to restrict access to the data centers themselves as well as to sections of the data center floor.

Service Level Agreement (SLA)

ATEK uses commercially reasonable efforts to maximize the availability of its services and provide a minimum of 99.9% availability excluding maintenance windows and scheduled outages.

Accreditation and compliance

ATEK’s infrastructure is hosted in a variety of data centers, to ensure the fastest and most secure transmission of data between platforms. Our infrastructure partners hold several accreditations including: ISO 27001, SSAE16 SOC 1 Type II / ISAE 3402, SOC 2 & SOC 3, PCI Level 1, FISMA moderate.

CONFIDENTIALITY OF INFORMATION

Separating user data (client employees) from the ATEK platform.

No personal patient data is recorded in the ATEK platform.

Data that is not recorded cannot be exploited by malicious people.
