Athena’s Commitment to Security

Written By Georges Chouchani

At Athena, we understand the importance of security in every aspect of working with our partners. Our commitment to safeguarding the projects we undertake as well as maintaining high levels of security is one of the pillars on which our company was initially built. In this blog post, we are going to go over our security principles that enable us to ensure that security is at the forefront of our delivery to our partners and ensure that any possible exploit or issue is managed quickly and efficiently.

Our Principles

Below, are our security principles that we enact at Athena Consulting:

  1. Non-Disclosure Agreements are a mandatory and sacred part of all agreements signed with contractors, employees and partners of Athena Consulting. Athena takes these agreements very seriously and follows a “No-Second Chances” policy where any breach of this agreement will lead Athena to prosecute offenders to the full extent of the law.

  2. We follow a “No Use, No Need” principle for Access Control within our organization. We assign access rights meticulously, granting access to team members that will use the data shared. If the member does not have a direct need for the data, then they will not have access to it. This strategy minimizes the risk of internal and external unauthorized access.

  3. We only use secure communication channels. All our communications with stakeholders and team members are facilitated through secure and encrypted channels.

  4. We log and document every action within our organization’s tools. Every single action, decision and communication is meticulously documented and logged. This guarantees that all actions are traceable and accountable, and allows us to review every step of our workflow, ensuring compliance with all policies and our partner’s expectations.

  5. We invest heavily in security at our organization. We are constantly expanding our security team with experts from around the world. We are also in constant communication with consultants that can help improve our security framework at Athena and all its partners. Finally, we offer continuous learning programs to our team to ensure our team stays ahead of the latest security best practices.

  6. We partner with the best to ensure that we build secure products. We are partnering with security audit and cybersecurity companies to help us ensure that we are building safe and secure solutions to our partners.

  7. We have a well-defined incident plan in place. In the unlikely event of a security breach or incident, we act swiftly to contain and control the situation as soon as possible, we immediately engage our security team to investigate the perpetrator and determine the causes, communicate with the relevant partners and stakeholders of the project, as well as directly launch our recovery process. We also finally offer a post-mortem report for complete transparency and to use this incident to improve our security strategies in the future.

  8. We believe in the continuous improvement of our security practices. No security framework is fool proof, we actively seek feedback from our partners, team members and external experts to constantly improve our security policies and procedures to adapt to the evolving threat landscape.

Quarterly Security Reports

Every quarter, Athena will start releasing a Quarterly Security Report that details our latest updates on our security partners, procedures and policies to remain transparent with all necessary stakeholders.

The report will include:

  1. Partnership Developments: Detailed insights into our collaborations with security audit and cybersecurity companies and the resultant enhancements in our security protocols.

  2. Policy and Procedure Updates: A clear and concise summary of any amendments, additions, or revisions to be made to our security procedures and policies during the past quarter.

  3. Security Initiatives: An overview of the new security initiatives launched, including investments in technology, team expansions and education programs.

  4. Incident Reports: A transparent summary of any security incidents, the response taken and the lessons learned to avoid any future similar incident.

  5. Compliance and Regulation Updates: Insights into our ongoing efforts to comply with emerging global data protection laws and regulations.

This report will be systematically distributed to all relevant partners and clients of Athena as well as shared on our official website.

For any further information or questions regarding our security practices, please feel free to email security@athenaconsulting.io and we will make sure to get back to you as soon as possible.


Georges Chouchani
Next

The Reason Athena Is The Future