Bank-level security

Multi-Factor Authentication

In addition to username and password, to access Atlas from a new device, users must input a system-generated code sent to them via SMS. This means that, for a hacker to access your account, in addition to the username and password, they also must have access to the smartphone registered with the portal. To gain access from mobile devices, we also use biometric validation, whether fingerprint or facial recognition.

Passwords that meets the market’s highest security standards

Atlas uses an algorithm to assess whether the user’s password is strong enough, based on how long it would take to break it. Weak passwords or those easy to break are not accepted by the system.

Session timeout for inactivity

Atlas times out any session that is inactive for 15 minutes, which can be unlocked only using the password (web) or biometrics (apps). No one can access your device and log onto Atlas 15 minutes after your last action on the system.

E-mail confirmation of login with access-revocation capability

Each time a user accesses the system, Atlas sends an e-mail with the login information, and it is the only system on the market that allows users to revoke sessions via a direct link, even if they are not logged onto Atlas. In practice, if you receive an e-mail informing you of an unidentified session, a simple click on the link revokes it, even if you are not logged onto the system.

Email eng

Audit trail

The client administrator at Atlas has access to the complete audit trail, which registers any and all accesses, as well as any and all content insertions, modifications or deletions. Any action may be undone via a request to the administrator.

Session Manager

Within your Atlas profile, you can examine which sessions are active on which devices and revoke any of them with one click.

Watermarks on 100% of documents

Atlas converts all PDF, PowerPoint, Word, Image and other files to PDF and adds a watermark with the name, date/time and e-mail of the person who downloaded them. All documents downloaded from Atlas can be traced.

AuditLog eng

Self-backup

The client administrator has access to Atlas’s self-backup feature. Since the database is encrypted and isolated, the only way to back up data is through access by the client’s Administrator. Atlas generates the backup and sends a link for download via e-mail.

Export eng

Certifications

  • ISO 27.001, 27.017, 27.018,
  • SSAE16 SOC I, II e III
  • ISO 22.301, 20.000 e 9.001
  • CSA STAR Gold level

Cryptography

  • Criptografia AES 256 Microsoft Always Encrypted
  • Criptografia em transito TLS 1.2 com protocolo Https

OWASP Top Ten Membership (Open Web Application Security Project)

Atlas is 100% adherent to 10 items identified as critical to web application security by OWASP, a nonprofit foundation that acts as an open community focused on web security.

Penetration Tests

Atlas regularly conducts penetration tests and code validation.

Testes de penetração