About the security issue with UiPath Studio & Orchestrator <URGENT>


#1

Hey guys,

I’m currently on PoC (Proof of concepts) with one of our client who are in financial industry. One of the well-known issue with doing a project in the finance sector is that the clients are very concerned with the security issue, especially when it comes to handling the customer datas. I came up with two questions to ask,

  • Questions on the UiPath Orchestrator,
  1. Can you control the access of UiPath’s server by applying different access-level to a person or a group? If there is a way to do so then how?

  2. Where could I get more depth info on the Algorithm that UiPath use for their Orchestrator? (eg. Assets)

  3. Are there any way of implementing the security code on each data to increase the security level?

It would be great if anyone who know about this stuff reply,


Information about Security
#2

Hello @jdizzle,

Hope this could helps you:

  1. The Roles page enables you to manage user permissions in Orchestrator. A user’s view of Orchestrator is dependant on the role(s) assigned to it.
  1. Check UiPath Platform documentacion online:

https://orchestrator.uipath.com/

For example all credentials assets stored are encrypted with the AES 256 algorithm.:

  1. To protect sensitive information that is logged during the execution of your automation at the Verbose level, you can choose not to log variable and argument values in both Orchestrator and Studio.

Regards,
Susana


Security RPA
#3

@Susana

Thank you for your reply!

I have further questions for you!
Are there any other ways of handling data that are stored locally (ex. local pc) by implementing them with extra level of security? For example, my client are concerned whether the UiPath can prevent the captured image (ex. the ones that are captured by using ‘click image’ or other activities) from getting transformed by other personnal. Are there ways of securing the image of client’s own signature?

it would be great if you rpely!

thanks,


#4

Hello @jdizzle,

Sorry, I’m not sure about this subject , I think you could do it using some of the vb.net libraries for managing signature digital.

Regards,
Susana


#5

I’m not an expert on this topic so take my advice with a pinch of salt. The Screenshots used for activities like click image are stored in a screenshots folder contained within the flows project folder. You could look to possibly secure this by locking that screenshots folder access to only the robot?

So that only the robot can read/write to it and therefore secure it.