Sutherland Robility offers customers a comprehensive suite of security features to ensure data security. These features are designed to provide robust protection and can be automatically enabled or configured based on specific requirements. However, it is important to note that the effective utilization of these security controls relies on the organization's personnel who utilize the service.
Authorization of users and access control is managed by the customer's administrators. They are responsible for implementing controls to ensure that only authorized personnel have access to the system. The authorized data owner can define access restrictions, allowing access only to individuals with a legitimate business need. Fine-grained permissions are granted to corporate users through role-based access controls (RBAC) implemented from the Control Room. This allows for granular control over various aspects of the product, including credentials, bots, Robility Runner, Robility Designer, and SmartManager. RBAC models also enable the implementation of dual-controls and separation of duties within operations.
To ensure transparency and accountability, Robility provides comprehensive audit capabilities. All user actions within the platform are audited, providing a record of access and actions taken by operations personnel. This audit functionality is designed to align with industry best practices and helps organizations demonstrate compliance.
As bots are developed by customer business experts, Sutherland Robility follows secure software development life cycle (SDLC) processes. These processes include industry-standard practices for secure development, testing, and production environments. Sutherland Robility supports the separation of these environments through separate deployments and RBAC controls, ensuring the integrity and security of the automation workflows.
By offering robust security features, comprehensive audit capabilities, and adherence to secure SDLC practices, Sutherland Robility provides customers with a secure environment to leverage the benefits of the automation platform.
Encryption
To ensure the security and protection of customer data, Sutherland Robility leverages industry-standard encryption technologies throughout its service. Here are the key encryption measures implemented:
Encryption of Data in Transit: All communication between the customer's network and the Robility service is encrypted using HTTPS (Hypertext Transfer Protocol Secure) along with SSL (Secure Sockets Layer) or TLS (Transport Layer Security) 1.2. This encryption protocol ensures that data transmitted over the network is securely encrypted, preventing unauthorized access or interception.
Encryption of Data at Rest: Any data stored at rest is encrypted using AES-256 (Advanced Encryption Standard with a 256-bit key). AES-256 is widely recognized as a strong encryption algorithm that provides a high level of security for stored data. This encryption ensures that even if the physical storage media were to be compromised, the encrypted data would remain unreadable without the decryption key.
By utilizing HTTPS with SSL/TLS for data transmission and AES-256 encryption for data at rest, Sutherland Robility ensures that customer data is protected both during transit and while stored within the service. These encryption measures align with industry standards and best practices, providing a secure environment for the handling and storage of sensitive information.