- Getting started
- Data security and compliance
- Organizations
- Authentication and security
- Licensing
- Tenants and services
- Accounts and roles
- External applications
- Testing in your organization
- AI Trust Layer
- Notifications
- Logging
- Troubleshooting
- Migrating to Automation Cloud Dedicated
Automation Cloud Dedicated admin guide
UiPath® enforces encryption in transit and at rest. All communications inbound to the UiPath Platform services and products require at least TLS 1.2. Additionally, all data at rest is encrypted using Transparent Data Encryption (TDE), which leverages AES 256-bit encryption.
In Automation CloudTM Dedicated, encryption at rest is enabled by default for data stores such as SQL and Azure storage (Blob, disks, and files). Currently, UiPath manages the TDE protector as the default setting.
-
UiPath-managed key: UiPath creates, stores, and protects the keys used for encrypting your data. This is the default option, and it is automatically enabled.
- Customer-managed key: Your encryption keys reside in your own Azure Key Vault, giving you full control over key creation, storage, rotation, and access permissions.
By default, key auto-rotation is enabled and occurs every 18 months. This operation only decrypts and re-encrypts the database encryption key.
The system auto-updates the TDE protector with the latest key version found in Azure's key vault within 24 hours. The auto-updating feature, combined with the regular, automatic protector rotation, provides an end-to-end zero-touch rotation system for the TDE protector.