When you’re following information technology (IT) security best practices and are actively aware of potential threats, you reinforce your entire company for the future.
A security breach can be a nightmare for any business. It could be due to poorly written, vulnerability-laden software or implementation without due diligence for a software development lifecycle. Secure company records could be lost, customer information could be stolen, and years of work could be gone in an instant — and the damage would be irreparable.
That’s why at Automation Anywhere, we take Robotic Process Automation (RPA) security very seriously, to give you peace of mind. Our risk-based approach includes multiple layers of security certifications — Veracode, SOC 2, and ISO — to reduce vulnerabilities across the board.
According to Verizon, 30% of all IT security breaches are due to vulnerabilities within the software an enterprise uses. To ensure Automation Anywhere applications remain secure, we’ve partnered with application security company Veracode to reach Veracode Verified Continuous status on our Automation Anywhere Enterprise RPA platform.
The Continuous tier status confirms that we’ve implemented and demonstrate extensive secure development practices. These include everything from assessing first-party code with static analysis to regular security assessments and guidance on any new flaws that might pop up. Most importantly, a security champion for the product development team provides advanced training on secure coding.
Along with Veracode Verified Continuous status, Automation Anywhere is the industry’s first vendor to offer a cloud service that is System and Organization Controls (SOC) 2 Type 1 certified. This came as a result of an extensive audit reviewing a comprehensive list of security criteria.
Created by the American Institute of CPAs (AICPA), the SOC 2 certification measures IT security controls based on five principles: availability, confidentiality, privacy, processing integrity, and security.
The SOC 2 Type 1 certification validates that we’ve taken appropriate steps and put a team in place to assess our security controls. The team monitors such things as access controls, encryption, firewalls, intrusion detection, and even disaster recovery — all to ensure the highest level of protection.
Additionally, Automation Anywhere has achieved ISO 27001:2013 certification, demonstrating full compliance with the confidentiality, integrity, and availability standards for information assets.
This standard is a baseline for IT security practices measured by the International Organization for Standardization (ISO) and among the most internationally recognized to gauge the safety of information security management systems (ISMS).
An audit was conducted by independent certification authority Alcumus ISOQAR, an ANSI-ASQ National Accreditation Board (ANAB) agency. The ISO 27001 certification process verifies the management of an internal help desk and email services throughout our San Jose, California, and Vadodara, India, locations.
These security certifications mean you have one less thing to worry about when using Automation Anywhere RPA technology. But we’re not stopping here. As we iterate and innovate our product offerings, we’ll expand our scope of security compliance to ensure you’re always using the world’s safest RPA platform.
Gautam Roy leads the product marketing and strategy of security features for the Automation Anywhere product portfolio. He has more than 20 years of experience in the industry and is a frequent speaker at conferences and events.