Cloud Security FAQ - Access Control and Data Separation

What are the frequently asked questions on Access Control and Data Separation to offer security in Cloud ?

Access Control and Data Separation

  • How does the UiPath Cloud limit access to data?
All data entered into the UiPath Cloud platform is considered sensitive production data, and UiPath does not classify it. Each Customer is issued their own vault that stores certificates, keys, and any other credentials working between services. Additionally, all user accounts and application accounts are tied to a customer identity that serves as a separate domain. All accounts are added or invited by the initial admin account created by the customer. UiPath support operates on the principle of least privilege and has no access to the environment unless first approved by the customer.
  • How is customer data separation achieved in the UiPath Cloud?

Each customer is provisioned their own passwords and encryption keys to protect data across all applications, storage, and databases for supporting the customer's management portal and Orchestrator tenants.

Certain services, such as licensing and machine learning models, are accessed via API from the customer’s tenants, and are shared across customers.

  • What protections are in place for PII and sensitive data?

UiPath is considered a data processor for usage of Cloud RPA. No PII data is entered by default. UiPath enforces encryption at rest and in transit to be compliant with GDPR and other similar privacy regulations.

All Data entered into the UiPath Cloud platform is considered sensitive production data and UiPath does not classify it. Each Customer is issued their own vault that stores certificates, keys, and any other credentials working between services. Additionally, all user accounts and application accounts are tied to a customer identity that serves as a separate domain. All accounts are added or invited by the initial admin account created by the customer. UiPath support operates on the principle of least privilege and has no access to the environment unless first approved by the customer.

  • Are fine-grained user permissions available?

Yes. Signup of new services is delegated to only admin or user roles. Orchestrator tenants within the cloud platform have a customizable RBAC system that allow for any number of roles with any combination of permissions.

  • Can user roles and permissions and users be confirmed at any time?

Yes. The UiPath cloud platform allows for API access to Orchestrator tenants where all roles, their permissions, and users assigned to them can be retrieved.

  • Can the authentication system be integrated directly into customer directories?

Yes. Azure AD integration and GSuite integration are available for authentication of users. We plan to add further support in 2020 so users don't have to be added manually – we will just connect to the customer AAD. We will also then support using AAD groups, and being able to leverage those groups in Orchestrator permissions. That will mean we can support zero-touch provisioning via AAD group membership, similar to the capability introduced on-prem with AD in 19.10.

  • Do you support federated identity standards?

UiPath’s cloud platform allows for Single Sign On from a customer’s existing cloud identity platform including Azure Active Directory and Google Suite. Customers that leverage additional services such as Okta for example, are able to leverage an Azure Active Directory Tenant that supports SAMLv2 federation to Okta to provide single sign on to the UiPath cloud platform.

  • Do you support bulk provisioning and de-provisioning?

Yes. Bulk Provisioning is available via integration into common Identity providers such as AD, Azure AD, and Google Suite. Similarly, deprovisioning can be performed from those systems or via a single interface to remove users across all tenants.

  • Can 3rd parties (i.e. non-employees of UiPath’s customer) be given access if required?

Yes. Access is configured by the customer and can be given to accounts outside of the customer's direct domain.

  • What is the data retention policy?

Customer data is retained for the life of the customer contract.

  • How are network resources separated between customers?

Logical separation is created by means of encryption and separate accounts between services for each customer. We plan to offer a premium service in the future that has a separate, dedicated environment to individual customers, but do not have a timeline for this at present.

  • What are the data destruction processes at migration or contract termination?
The UiPath cloud platform follows the same guidelines as Microsoft Azure, the underlying storage platform. These are available here
  • Is customer data ever backed up to physical storage and if so, how is the media handled?

No. We use cloud backup storage only.

  • What processes are in place for law enforcement or legal discovery?

UiPath complies with all laws for law-enforcement access and legal discovery.

  • Is my data protected from legal discovery or disclosure through law enforcement equipment seizure that may be targeted at others who share the platform or storage?

Yes. Each customer is issued their own vault that stores certificates, keys, and any other credentials for working between services. Additionally, all user accounts and application accounts are tied to a customer identity that serves as a separate domain. Given these controls, hardware seizure would not provide access to data as separate encryption keys are used to encrypt all data.

We plan to offer a premium service in the future that has a separate, dedicated environment to individual customers, but do not have a timeline for this at present.
  • Under what circumstances can UiPath employees access customer data in the UiPath cloud platform?

Access to customer data is not allowed by employees. Customer instances are bound by a user and application domain specific to the customer and access is not given unless the customer explicitly permits it as part of a support effort.

  • Does the UiPath Cloud enable the creation of multiple environments (for example, dev/test/production)?

Yes. UiPath provides the mechanisms for establishing multiple environments as tenants, but all data is secured as if it is sensitive production data. UiPath does not provide a redaction process to customers.

  • Does UiPath collect any data from customers using the UiPath Cloud Platform?

UiPath does not collect any business data entered by robots or users. UiPath does collect anonymized performance data to improve the service quality we offer to our customers.