Security

Data security overview

Without your trust, we wouldn’t exist. That’s why at Atomic, putting your trust first is at the heart of our business.

Atomic exists to help you harness the power of your paycheck. Our payroll connectivity reduces the friction for you to securely access your financial data in your employer’s payroll portal.

We help you give services, such as a mobile banking app you use to access your money, access to this data, and we help companies create new products and services that help you achieve your financial goals.

Data Protection

Data Encryption

Data is stored in MongoDB and AWS and is encrypted at rest with AWS Key Management Service (KMS). Data is transferred via Representational State Transfer (REST) endpoints protected by Transport Layer Security (TLS) via AWS Certificate Manager (ACM) Certificates.

Data Integrity

To ensure data is entered completely and accurately from the Atomic customer to the end user’s employment account, sensitive information, such as bank account and routing numbers, is transferred digitally. Where automation is not available, there is a human in the loop as a secondary data validation control.

Data Retention

Atomic implements 14-day data retention controls for all transient systems where customer data is processed. This reduces the surface and timeframe for data mishandling.

Disaster Recovery and Failover

Atomic utilizes MongoDB and AWS data hosting services that meet SOC 2 availability requirements, including maintaining appropriate environmental controls and redundancies. Atomic utilizes daily and real-time backups that are replicated across AWS servers in the same region.

Platform and Application Security

Assurance

Atomic has obtained a SOC 2 Type 2 report for the service environment.

Continuous Validation

Atomic uses AWS-native tooling and third-party vendors to continually scan and assess exposure in our network perimeter, vulnerabilities in our servers and Kubernetes containers, and misconfigurations in cloud resources.

Identity and Access Management

Atomic federates administrative access to our customer reporting and admin console through an identity provider, allowing centralized account management. Access to Atomic’s APIs uses a combination of API keys and access tokens.

MFA

Multi-factor authentication is required for administrative access in both customer-facing and internal systems.

DDoS protection

Atomic leverages AWS load balancers with built-in DDoS protections.

High availability

Atomic utilizes multiple servers across multiple regions for data redundancy to withstand data center outages.

Asset management

Atomic uses a leading enterprise mobility management service to enforce security configurations, monitor device compliance, and detect endpoint security incidents.