- 发行说明
- 入门指南
- 设置和配置
- Unassisted Task Mining
- 其他资源
安全性
UiPath® goes to great lengths to ensure that data related to your RPA projects remains safe and secure, without exception. When using UiPath® Task Mining, your data benefits from multiple layers of security and governance technologies, operational practices, and compliance policies that UiPath® enforces.
UiPath® Task Mining is comprised of four main components: the recording application, Data Preprocessor, Analyzer, and Admin Portal. Together these components run studies on the tasks performed by users in your environment. From these studies, UiPath® Task Mining will identify a list of tasks that are good candidates for automation and produce a detailed process map for the tasks. These studies are controlled by your system administrator and the data collected during the studies is encrypted to ensure your users’ privacy is not violated.
管理门户和分析器均通过在 Microsoft Azure 中构建和托管的软件即服务 (SaaS) 模型提供。它们都使用 Azure 的核心服务,包括计算、存储、网络、SQL 数据库、应用程序配置、密钥保管库中的密码存储以及身份和访问管理。
This allows us to focus on the unique aspects of running UiPath® services while taking advantage of, and building upon, Azure’s state-of-the-art capabilities in security, privacy, and compliance. We also utilize the industry certifications available through Azure.
At UiPath®, we share the responsibility of protecting your data with Azure and strictly adhere to the guidance they publish.
对于我们服务中所有数据存储空间中的所有静态客户数据,我们都会做加密处理。例如,我们在 SQL 数据库中使用了透明数据加密。
无论是通过互联网还是在我们的内部服务组件中传输数据,所有数据都会通过受保护的渠道进行传输。
UiPath® collects two categories of data from users to operate and improve Task Mining Services:
- Customer data: Includes user-identifiable transactional and interactional data that we need to operate the service and to manage your contract with UiPath®
- 系统生成的日志:包括可能已汇总的服务使用数据,包含多份客户数据
From a GDPR standpoint, UiPath® is considered a data processor. As such, we honor all obligations of a data processor by providing customers with full control over their data, in accordance with the product architecture and implementation.
我们已确保能按照要求为您导出您的所有数据。如果您使用 UiPath Task Mining 关闭帐户,或以其他方式请求删除数据,我们会在必要的 30 天软删除期过后从系统中删除这些数据。
我们知道客户非常关心数据的位置。 我们将为符合付费用户的位置和主权要求的区域内的用户提供所有内容,并存储所有数据。 要查看当前支持的区域集,请访问数据驻留。 随着客户群的增长,我们可能会继续增加其他区域。
强制执行数据驻留,因为我们现在使用 Microsoft 认知服务进行 PII 掩码,并且这适用于租户区域。
UiPath® addresses the following aspects of security and compliance in order to help prevent breaches and uphold the highest standards for data security, privacy, and availability:
Task Mining uses Azure's Platform-as-a-Service (PaaS) offering for much of its infrastructure. PaaS automatically provides regular updates for known security vulnerabilities.
UiPath® security and development teams work hand in hand to address security threats throughout the development process of Task Mining.
这些团队会在服务设计期间执行威胁建模。他们遵守设计和编码最佳实践,并使用多管齐下的方法来验证最终产品的安全性,该方法会利用内部构建的工具、商业静态和动态分析工具、内部渗透测试和外部错误赏金计划。
We also monitor vulnerabilities introduced in our codebase through third-party libraries and minimize our dependency on these libraries and corresponding exposure. Because the security landscape is continually changing, our teams stay current with the latest in best practices. We also enforce annual training requirements for all engineers and operations personnel working on UiPath® cloud services.
Ensuring that UiPath® Task Mining services are available so you can access your organization’s assets is of the utmost importance to us. That is why we rely on Azure’s backup mechanism and practice data recovery.
We employ other fail-safes to help ensure availability. A malicious distributed denial-of-service (DDoS) attack, for example, could affect Task Mining service availability. Azure has a DDoS defense system that helps prevent attacks against our service. It uses standard detection and mitigation techniques such as SYN cookies, rate limiting, and connection limits.
该系统不仅可以抵御来自外部的攻击,还可以抵御 Azure 内部的攻击。
我们努力将服务的受攻击面最小化,并竭尽全力减少发生数据泄露的可能性。但是,仍然可能发生安全事件。
万一出现漏洞,我们会使用安全响应计划,最大限度地减少数据泄漏、丢失或损坏。在整个事件期间,我们会向客户透明地披露信息。我们的 SRE 和安全团队提供 24x7 全天候服务,他们将随时待命,迅速找出问题所在,并利用必要的开发团队资源来控制事件的影响。
该团队解决问题后,我们会继续执行安全事件管理流程,确定根本原因并跟踪必要的修正,以确保将来不会出现类似的问题。
我们会严格控制有权访问我们生产环境和客户数据的人员。
仅在提供适当的理由并经过验证后,我们才会在所需的最低特权级别向其授予访问权限。如果团队成员需要访问权限来解决紧急问题或部署配置更改,必须申请对生产服务的“适时”访问权。
情况解决后,系统即会撤销访问权限。系统会跟踪访问请求和批准。我们对所有生产系统的访问权限使用双重身份验证,因此如果我们其中一名开发人员或操作人员的用户名和密码曾经被盗,数据仍将受到保护。
我们通过 Azure 管理门户安全地管理、存储和传输我们在管理和维护服务时使用的密码(如加密密钥)。
所有密码定期轮换,在发生安全事件时,还可以按需轮换。
With a solid foundation for security and privacy, UiPath® is working towards obtaining industry certifications and accreditations over the next year, which include Veracode continuous for our Cloud Platform, ISO 27001:2013, and ISO 27017, CSA Star and SOC 1 Type 2.
管理门户和分析器均通过在 Microsoft Azure 中构建和托管的软件即服务 (SaaS) 模型提供。它们都使用 Azure 的核心服务,包括计算、存储、网络、SQL 数据库、应用程序配置、密钥保管库中的密码存储以及身份和访问管理。我们和 Azure 共同负责保护您的数据,并会严格遵守 Azure 发布的指南。
To find out Task Mining security assurances check out the UiPath® Security page.
