IBM RPA on premises server security

Learn about specific security aspects of the IBM RPA on premises offering server.

IBM RPA on premises security and compliance measures are a partnership of the IBM RPA product deliverables, documentation, and your organization's own security practices.

SQL Server database encryption

Many compliance requirements, corporate, governmental, and industry standards, demand data at rest to be encrypted. IBM RPA stores much of the critical custom data, such as scripts, users, schedules, among other data, in the server-configured SQL database. A best practice that you should follow is to enable encryption. For more details, refer to the Microsoft's SQL Server Encryption External link documentation.

Securing Redis

When used for on-premises topologies, Redis provides a critical infrastructure support roll for instances of the server to share state and manage shared concurrency locking. Secure Redis practices are recommended. For more details about securing Redis, see Optional: Configuring Redis.

Antivirus signature updates

The IBM RPA product provides ClamAV to scan artifacts for various forms of malware and viruses. ClamAV has a regular signature update algorithm, which enables the software to perform new signature update downloads automatically. Optionally, new signatures are distributed as they become available through the normal maintenance stream.

Transport layer security

Windows by default can support versions of Transport Layer Security (TLS) and allow cipher suites that are considered weak.

IBM Robotic Process Automation is tested on servers that are configured for TLS 1.2 and higher and allowing only cipher suites that are considered to be strong.

For more information on configuring TLS and cipher suites for Windows servers and managing TLS protocols and cipher suites on Windows, refer to the Microsoft's Manage Transport Layer Security (TLS) External link documentation.

Data-at-rest encryption

In the IBM RPA SaaS offering, all the server-side disks are encrypted, which means data at rest is encrypted at the disk level. The encryption keys are platform-managed by Microsoft. For more information, see Microsoft's Azure Data Encryption at rest External link security documentation.

In the on-premises offering, your organization needs to apply encryption for data at rest in the IBM RPA server.