Sept 24
San Francisco
Case study
Announcing Atomicwork's AI workforce platform Read more ->
Learn more
Platform
Customers
Resources
Company
Sign inBook a demo
Platform
Customers
Resources
Company
Schedule a demo
Sign in
Product
Platform
Solutions
Customers
Resources
Company
Book a demo
LinkedIn liveAtomicwork + Lansweeper partner to drive greater visibility for smarter IT. Learn more ->
Product
Platform
Solutions
Customers
Resources
Company
Sign in
Schedule a demo
Security & Compliance

Enterprise security for your ITSM platform and AI Workforce

How we secure every request, every Coworker action, and every integration — from platform to sandbox.

Visit our Trust Center

Secure by design — from platform to actions.

Atomicwork is built to protect your data, govern your AI Workforce, and meet the strictest enterprise security standards.

Compliance adherence

We meet globally recognized security standards and prove it with independent audits.

Explore more ->

Customer data security

Your data is never used for training. Your Coworkers only operate within your data boundaries.

Explore more ->

AI security

Every Coworker runs in an isolated sandbox — scoped to the request, configured at runtime, and released after execution.

Explore more ->

Reliable infrastructure

Layered defenses across every layer, with bring-your-own options for models, sandboxes, and vaults.

Explore more ->

Compliance at every step

We prioritize your business safety, adhering to top enterprise security, compliance and privacy standards.

ISO 42001 certification for Atomicwork AI management

ISO 42001

We are proud to be ISO 42001 certified, reinforcing our commitment to trustworthy, ethical, and responsible AI practices.

SOC 2 Type 1

Meeting the trust criteria for security, confidentiality, availability, and privacy to ensure that our ITSM platform is designed with strong controls.

SOC 2 Type 2

Independent audits validate that the SOC controls operate consistently over time, protecting your IT service data 24X7.
CCPA Compliant Badge - California Consumer Privacy Act Certification for Atomicwork

CCPA

Safeguarding personal data in service management workflows to meet California consumer privacy requirements.
GDPR Compliant Badge - Ensuring Data Protection and Privacy with Atomicwork

GDPR

Protecting data privacy rights for customers across EU jurisdictions that use Atomicwork for enterprise service delivery.
HIPAA Compliant Badge - Health Insurance Portability and Accountability Act Certification for Atomicwork

HIPAA

Enables secure management of IT workflows involving protected health information (PHI), such as healthcare service requests.

CSA Star Level 1

Enhanced cloud controls for availability, data protection, and risk management in service management operations.

ISO 27001

Global standard for operating a secure Information Security Management System (ISMS) that protects all ITSM and ESM data.
ISO 27017 Certified Badge - Cloud Security Certification for Atomicwork

ISO 27017

Cloud-specific security controls to safeguard ITSM platform infrastructure and hosted IT workflows.
ISO 27018 Certified Badge - Protection of Personal Data in the Cloud Certification for Atomicwork

ISO 27018

Ensures personally identifiable information (PII) in your IT and HR service requests is securely handled in the cloud.
ISO 27701 Certified Badge - Privacy Information Management System Certification for Atomicwork

ISO 27701

Information management standards extended to include privacy information management in all service workflows.
Microsoft 365 certification badge for Atomicwork

Microsoft 365

Validates our ability to securely integrate with Microsoft 365 for protected ITSM processes in M365 environments.
CASA security certification for Atomicwork compliance

CASA for Google Apps

Certified to Tier 3 cloud app standards for enterprises using Google Workspace within their service management stack.
Talk to our team

Comprehensive security for your ITSM platform and AI Workforce

Customer data security

Your data stays yours — during ingestion, Coworker execution, and reporting.

  • Every customer's data is stored in a self-hosted vector database in their own tenant.
  • Customers control what data gets crawled and indexed across knowledge sources and conversations.
  • No customer data is used for model training or shared with third parties.
  • PII is redacted during data ingestion and masked across requests and Coworker conversations.
  • Performance reports and AI insights use anonymized data to maintain user privacy.

AI Workforce security

Every Coworker runs in a fresh, isolated sandbox — spun up for each request and torn down after execution.

  • Each request boots a new sandbox using the Coworker's current runtime configuration. No state carries over between executions.
  • Coworkers inherit the requesting user's identity and roles — they never hold elevated privileges on their own.
  • Deterministic execution policies scope every tool, restricting what data a Coworker can access and what actions it can take.
  • Guardrails mask sensitive fields and block prompt injection, data leakage, and privilege escalation at the tool level.
  • Continuous monitoring tracks Coworker performance, with controlled release cycles and privacy-first troubleshooting on redacted data.

Infrastructure and platform security

Enterprise-grade infrastructure with the flexibility to bring your own models, vaults, and execution environments.

  • Access control lists inherited from knowledge systems or configured directly in Atomicwork.
  • Comprehensive audit logs detail who accessed what and every operation performed within the platform.
  • Customers can store integration tokens in their own vault rather than within Atomicwork infrastructure.
  • Bring your own model endpoints, execution infrastructure, or identity provider for full control over the AI stack.
  • Enterprise applications are accessed through a self-hosted iPaaS so data stays within the Atomicwork trust boundary.

Security built into every layer of operations

Atomicwork has been designed, ground-up, to ensure that maintaining data security and user privacy is paramount.

Authorized access for Atomicwork identity management

Authenticated access

Simplify access and enhance security by leveraging your enterprise IAM platform's SSO capabilities.

Deeper insights for Atomicwork AI analytics

Permissions-aware access

Atomicwork inherits permissions from source docs and systems, and allows teams to configure content ACLs.

Real-time sync for Atomicwork data integration

Sandboxes execution

Every Coworker request runs in a fresh sandbox with scoped tools and runtime configuration. Nothing persists between executions.

Person answering for Atomicwork employee self-service

Personalized answers

Atomicwork provides contextualized answers based on a user's location, department, and role.

Automate access requests for Atomicwork identity governance

Explainable AI

Every answer and insight links back to its source so your team can verify what the AI Workforce produces.

Strengthen security for Atomicwork IT security management

Deterministic guardrails

Execution policies control what each Coworker can access, mask sensitive fields, and prevent privilege escalation.

Want to know more about our security approach?

Please use one of the options below to get in touch with our security team.

Responsible disclosure

We are committed to working with researchers to verify, reproduce and respond to legitimate reported security vulnerabilities.

Learn more ->

Trust center

Learn how we identify and mitigate risks, implement best practices, and continuously develop ways to improve our security posture.

Visit trust center ->

Privacy requests

We give you control over your personal data. You can access your data, delete it, and manage how it gets used.

Raise request ->

Get in touch

Are you interested in having a discussion with our security team? Send us an email with more information and we'll get back.

Talk to us ->
Frequently asked questions
Where is our data stored, and can we choose the region?
Chevron navigation icon on Atomicwork website
How do you ensure uptime and service availability?
Chevron navigation icon on Atomicwork website
 What happens if there’s a security breach?
Chevron navigation icon on Atomicwork website
Do you use customer data to train AI or LLM models?
Chevron navigation icon on Atomicwork website
Are you compliant with industry regulations and frameworks?
Chevron navigation icon on Atomicwork website
How do you secure integrations with tools like Microsoft 365 or Google Workspace?
Chevron navigation icon on Atomicwork website
How do you secure your AI and LLM models?
Chevron navigation icon on Atomicwork website
How do Coworkers access customer systems and data?
Chevron navigation icon on Atomicwork website

Inside Atomicwork’s security framework

View all resources
Embracing Responsible AI Practices with the TRUST Framework

Atomicwork successfully completes SOC 2 Type 2 renewal

Atomicwork is now Microsoft 365 certified

See Atomicwork in action now.

Book a demo
View pricing
Platform
Company
Product
Integrations
Solutions
Compare
Industries
Customers
Resources
Trending articles
Summarize with AI what Atomicwork does:
© Atomicwork Inc.