At Athena Workflow, the security of your team and client information is a high priority for us. If you have any questions after reading this, or believe you have encountered an issue affecting security or privacy, please let us know by contacting us at [email protected].
We use Stripe for encrypting and processing credit card payments. Stripe has been audited by a PCI-certified auditor and is certified to PCI Service Provider Level 1, the most stringent level of certification available in the payments industry. For more information, refer to Security at Stripe
This refers to credit or debit card numbers, personal financial account information, Social Security numbers, passport numbers, driver’s license numbers or similar personal identifiers, racial or ethnic origin, physical or mental health condition or information, other employment, financial or health information, or information about individuals under the age of 16.
Subscribers provide payment information including credit card information, which is stored with a PCI-Compliant processor.
Athena Workflow relies on a number of third-party systems and components to serve our customers, from a 3rd party CRM vendor in Sales to external hosting for our Application. All 3rd party tools are evaluated to ensure that they meet our security and privacy requirements.
Our application and all associated customer data is hosted in US data centers . These data centers have been certified to:
ISO 27001
SOC 1 and SOC 2/SSAE 16/ISAE 3402 (Previously SAS 70 Type II)
FISMA Moderate
Sarbanes-Oxley (SOX)
To learn more about the Physical Security, Environmental Safeguards, Network Security, and Vulnerability Management of our hosting infrastructure.
The Athena Workflow application receives annual security scans from Cigital to maintain its listing with Apps.com platform. These scans determine our application’s ability to resist common attack patterns and identifies vulnerable areas that may be exploited by a malicious user. Cigital determines that Athena Workflow security controls are effective in resisting common attack patterns like:
Input Validation Attacks
Confidentiality Attacks
Authorization Attacks
SQL Injection
All issues identified by the security scans are addressed as soon as practicably possible.
Our data is continuously and automatically backed up. Backups are stored on physically separate systems and are tested regularly.
Our hosting provider is designed for stability, mitigates common issues that can lead to outages, and can recover failed components.
Athena Workflow periodically tests our ability to redeploy our application in the event of catastrophic failure at current data centers.
Athena Workflow supports TLS 1.2 for all client connections, when possible. For the most secure experience, make sure you are using the latest version of a TLS supported browser. Check your browser TLS compatibility using at SSLLabs.com.
Data at rest is protected by AES-256, block-level storage encryption.
Athena Workflow designs all our internal and external systems with the security and privacy of customers in mind. All changes to infrastructure or applications are reviewed for security and privacy impacts. We monitor multiple channels of information and use various monitoring tools to evaluate the security of our systems. Any issues found in the Athena Workflow application is assessed, ranked for risk, then prioritized for mitigation.
Athena Workflow employees are granted access to Customer Data when required to fulfill their duties, which includes everything from assisting customers with questions to evaluating the impact of changes on the system. All Athena Workflow employees undergo pre-employment background checks and are given frequent guidance on how to securely handle all customer data. All access is revoked when an employee leaves or is in a role that does not require access to Customer Data.
As a part of Athena Workflow standard procedures, we ask for permission before entering a customer account on their behalf and only make changes on customer request.
All Athena Workflow application access is logged. Our PCI-compliant payments process logs all access and changes to payment and billing related information.
Athena Workflow retains all data for active customers. Customers are free to cancel their accounts at anytime and request the full deletion of their Athena Workflow data from our systems.
Our hosting provider uses techniques outlined in DoD 5220.22-M (“National Industrial Security Program Operating Manual “) or NIST 800-88 (“Guidelines for Media Sanitization”) to destroy data when deprovisioning resources, ensuring that our customer data is fully erased when no longer used.
If Athena Workflow believes that a customer’s data has been accessed by unauthorized persons, we will notify impacted customers within 48 hours of discovery.
Athena Workflow is practice management software that is also called client management software, accounting practice management software, or due date tracking software.
Athena Workflow is practice management software that is also called client management software, accounting practice management software, or due date tracking software.
All content that appears on this website is owned, copyrighted, and owned or licensed by Athena Workflow ™. Any unauthorized use of trademarks or content on this website is strictly prohibited. All rights reserved.