Skip to content
English
Go to atwork.ai
  • There are no suggestions because the search field is empty.

Architecture & Infrastructure

  1. Architecture & Infrastructure

    1. Hosting

      The atwork web application is hosted on the cloud hosting provider Microsoft Azure, utilizing a reliable and scalable cloud infrastructure. By using this industry-leading cloud infrastructure, the company ensures robust physical and digital security measures, globally recognized certifications, and high availability. The Microsoft Azure servers are located in Switzerland 

    2. System architecture

      atwork maintains a clear architectural separation between front-end and back-end systems. 

      This design minimizes risks by isolating user-oriented components from central business logic and data storage. This keeps confidential information protected even if publicly accessible systems are exposed to threats. 
      This multi-layered approach strengthens the company's overall resilience and improves security monitoring and control mechanisms.

    3. System security

      1. Security in system development

        atwork takes a holistic approach to security based on proven industry standards and modern development processes. Our goal is to identify risks early on, prevent security breaches, and ensure the long-term stability of our systems.
        Our key security measures include:
        • Secure software development: All applications are developed in accordance with recognized security guidelines. Code reviews and peer checks ensure that potential vulnerabilities are identified and remedied at an early stage.
        • Automated security checks: We use specialized code analysis tools to identify potential risks during development.
        • Regular updates and patches: Our systems are continuously updated to close known security gaps and ensure that they are always up to date in terms of security. 
          Other measures include strict access controls, encryption and data protection, continuous monitoring, and regular security tests. These measures are discussed in detail below.

    4. Protection against vulnerabilities

      Our systems are regularly checked to identify and remedy potential vulnerabilities at an early stage. This includes both internal code checks and independent penetration tests, which continuously confirm our security standards.

    5. System monitoring and security logging

      The status of the application—such as uptime, response times, and availability—is monitored. This allows deviations or potential problems to be detected at an early stage.

      Azure Application Insights and dashboards are used for monitoring. Among other things, request patterns, error rates, and unusual activity in data traffic are observed. All system activities and user actions are recorded centrally.

      Only authorized atwork employees have access to these logs, and they are only viewed in the event of a specific technical problem or incident. Access is protected by role-based controls,

      Failed login attempts and other security-related events are also recorded in the security logs. The data in the logs is anonymized to protect user privacy.

      In addition, accounts are automatically locked for one minute after five failed login attempts.

      This monitoring ensures that security incidents can be detected quickly.

    6. Security tests

      Our application is regularly tested for security and quality. In addition to external penetration tests, we use automated testing mechanisms to detect vulnerabilities at an early stage. Our developers also manually review the code to rule out potential risks before release.

      Through these continuous checks and tests, we ensure that our systems remain stable, secure, and state-of-the-art. In this way, we reliably protect our users' data and ensure compliance with all relevant data protection and security standards.