Security at ATOSS
To protect and securely process your data, ATOSS relies on a comprehensive security strategy that is aligned with leading industry standards as well as the requirements of the NIS2 regulation and ISO/IEC 27001, ensuring that every aspect of your data’s security is consistently and proactively addressed.
This includes, in addition to the R&D security process for the secure development of our software, technical compliance for the integration of our software solution into HCM systems, ensuring information security in our Cloud Operation Service, as well as the continuous further development of our security measures aligned with NIS2.
R&D security process
Since the integrity and security of business operations are essential for all companies in all sectors, ATOSS, as a provider of HR business software, is committed to ensuring the highest possible level of security in its products. The most visible proof of our commitment is an established dedicated process for the development of our security application.
Secure cloud operations
Our Cloud Operations Service Teams are responsible for managing our cloud services. This includes initial provisioning, ongoing operations, as well as continuous optimization and performance of the cloud platforms. To ensure the technical security of ATOSS Cloud Operations, we operate an ISO/IEC 27001-certified Information Security Management System (ISMS), which drives continuous improvements and makes a significant contribution to fulfilling the requirements of the NIS2 regulation.
NIS2-Compliance
As one of the few providers of workforce management software solutions, ATOSS Software SE is classified as an “essential entity” under the EU NIS2 Directive – a designation that underscores our scale, security posture, and strategic relevance as a software provider.
This regulatory obligation translates into clear benefits for our customers: increased service availability and resilience, independently verified information security, and a long-term partner that is legally bound to uphold the highest security standards.
Supplier security
As an international software company, ATOSS must comply with high information security requirements. This Code of Supplier Information Security (CoSS) is a necessary component of our information security management to guarantee the highest possible information security for our end customers.
Technical compliance
ATOSS relies on team spirit and an international partner ecosystem with the highest technical security standards, including cloud quality and static security code.
- SAP awards ATOSS the „Premium Certification for SAP Endorsed Apps“
- DATEV issues ATOSS interface the conformity mark as a „Software-Lösung mit technisch geprüfter DATEV-Schnittstelle“ (in German)
Data residency
We achieve the future security of our ATOSS Cloud Services through scalability, a best-of-breed approach and location independence. The use of European and international data centers of the hyper-scalers and service providers cooperating with us will be further expanded as part of our multi-scaler strategy.
What you should know about data storage and data processing in the ATOSS Cloud Services.
