Blue Prism Standards for Secure Robotic Process Automation
Every time a new technology, whether Cloud-based or Internet-based, is introduced into an organization, the security risk needs to be carefully evaluated and addressed. At the same time, control of RPA must be placed with business leaders throughout the organization for innovation and effectiveness to prosper. For this, we need an automation platform which is simple but also sticks to the high compliance and security standards that the industry mandates.
Blue Prism has an RPA technology that is unique because it is designed to perform automated tasks in the same way a human performs but with more security, by deploying Digital Workers. These Digital Workers operate with complete governance and security of the IT department, including the most regulated business sectors.
BluePrism Compliance and Security Standards
1. Certifications and Compliance
Blue Prism supports Payment Card Industry Data Security Standards (PCI-DSS), Health Insurance Portability and Accountability Act (HIPAA) and Sarbanes-Oxley Act (SOX) compliant processes, with controls in place to provide the necessary security and governance. Blue Prism also has a contract with Veracode to undertake regular product vulnerability analysis.
Blue Prism has encryptions set in place for Data at Rest, Data in Use and Data in Motion. Cryptographic functionality used by Blue Prism is provided by the following third-party products like Microsoft Windows Operating System, Microsoft .Net Framework, Microsoft Windows Communication Foundation (WCF), Microsoft SQL Server.
In addition to this, Blue Prism also provides Obfuscation algorithms that help in reducing the risk of disclosing sensitive information. This method is often used to compliment other existing security technologies.
3. Credential Management
The Credentials Management functionality provides a secure source for login details required to access target applications by the Runtime Resources. Credentials are stored in the Blue Prism database and are encrypted using the encryption scheme defined by the client. The encryption key is stored separately, on the Blue Prism Application Server machine and is used to provide credentials to validated clients.
Blue Prism technology is supported by a system of methods for rapid business process development, deployment, and operational support. In the earlier days, there used to be a challenge of system interoperability. This has been solved by Blue Prism’s Connected-RPA technology that re-purposed the user interface as a machine interface. This enabled the Digital Workers to use and access the same IT systems as humans, independently of machine APIs.
Key Components of a Standard Blue Prism Architecture
Blue Prism is usually hosted in a private cloud known as “On-Premises” taking care of the security aspects. Even though the execution of Blue Prism is led by the business, it is recommended to deploy this platform and have it operated and governed by IT.
A standard Blue Prism architecture is comprised of four key components:
1. Blue Prism Runtime Resource
These are standard end-user desktops that are responsible for running the automated tasks. These resources require enhanced physical and remote security access. They are commonly referred to as “Digital Workers”.
2. Blue Prism Interactive Client
These are physical or virtual end-user desktops that facilitate the setup, development, configuration, scheduling, and monitoring of Blue Prism processes across the environment.
3. Blue Prism Application Server
Key features enabled by this component, which is typically provisioned as a virtual Windows Server include: secure credential management, database connection marshalling, data encryption, and scheduled process execution.
4. SQL Server Database
A Microsoft SQL Server database is used as a centralized repository that holds process definitions, logs, audit, and user information. The connection from the Blue Prism components exists via the Blue Prism Application Server.
Blue Prism offers the most complete and enterprise-level security. It ensures that its centralized, data center hosted approach is IT governed and its business-run platform is the most secure and the most reliable.
Robust authentication and authorization capabilities make sure that organizations can deploy a digital workforce that is aligned with their standard operating procedures. Extensive logging and alerting options ensure complete visibility and audit trails for both Digital Workers and Blue Prism users.
Watch this space to get updates on Blue Prism related news.
Talk to our experts to deliver Blue Prism digital workforce designed to automate your operational activities and drive greater ROI.