Cybersecurity

The security of our clients, end-consumers, employees and providers is Atento’s top priority. Security is an essential part of our business processes, our technology, our strategic vision and of our employees and technology partners.
Our Cybersecurity Framework
Our Corporate Security Policy influences the entire organization and reflects our leadership’s commitment to the implementation of the necessary security management regulations and procedures.
Atento's comprehensive Cybersecurity best practices have been reviewed and updated to guarantee safety.
These are the key pillars of our Cybersecurity Policy:
Information as a strategic asset
We consider information and the systems that support it as strategic assets, and we seek to guarantee their protection in terms of authentication, confidentiality, integrity, availability and traceability.
Cybersecurity Committee
We have a Cybersecurity Committee in charge of guaranteeing compliance with the highest standards
Innovative Security Standards
We promote the implementation of the appropriate security levels to manage security incidents that may occur
Continuous Training
We develop training and promote awareness on Cybersecurity for all our teams and collaborators.
Cybersecurity and Risk Management System
Our Cybersecurity Management System is based on international standards and codes of good practice, to identify, quantify, prioritize and treat risks.
Business Continuity
We provide the necessary mechanisms to ensure the continuity of Atento's critical activities in the event of serious contingencies that affect information systems.
Resilience as a strategy
Cyber-attacks are becoming more frequent and sophisticated. This forces businesses to constantly improve their ability to prepare for, respond to and recover from security incidents.
Our resilience strategy is focused on ensuring business continuity, reducing downtime, and allowing to spend more time on the business as usual.
Prevent, detect and recovery
We have developed a comprehensive strategy with defined steps that guide our daily practices.

Prevent

Detect

Recovery
We have partnered with the two leading providers in the market for support in case of intrusion or new events, through detection, and prevention systems
Our security strategy is focused on identifying asset vulnerabilities, threats to internal and external organizational resources, and risk response activities. We also implement Continuous Security Monitoring systems, including intelligence services, to track cybersecurity events and verify the effectiveness of protective measures, including network and physical activities. Furthermore, we activate mitigation protocols to prevent the expansion of an event and resolve incidents.
We trust that our Global SOC services will solve threats in less than 1 hour.
In case an incident is not remediated by Global SOC services, the following processes will happen:
- We isolate the affected network segment
- We activate Incident Response and Recovery Team
- We start tested BCP plan
- We activate the agreed protocol with clients to report the incident and control the risks
- We Recover affected systems from safe and clean backups
Cybersecurity managed services to clients
Hiring qualified security professionals is a struggle in a market with high demand and scarce skills. In-house security professionals spend their time on the most business-critical tasks. Determining which activities can be managed by SECaaS providers, can help clients optimize time and resources.


Knowledge reuse for Client Advise
Reusing knowledge is an effective, scalable way to improve productivity and accelerate organization-wide initiatives. Atento applies best practices gained from experience with other clients to save time and money, minimize risk, and increase effectiveness.

Certifications & recognitions
Atento’s commitment to Cybersecurity helped different sites to obtain certifications for information security.

Information security

Standard for IT
service management

Information Technology
Management

Payment Card Industry
Data Security Standard

National security
scheme