Automation 360 Cloud FAQs
Answers to frequently asked questions (FAQs) and related information about Automation 360 Cloud provide insight into various aspects.
- Where can I find an overview of Automation 360 Cloud security?
- An overview and details about Automation 360 Cloud security can be found in this document, Automation 360 Cloud Security and Data Privacy.
- How can a customer start using Automation 360 Cloud?
- The prerequisites and additional, optional steps for getting started can be
found on the Automation Anywhere docs portal at the following location: 开始使用 Automation 360 Cloud.
For most customers, the basic requirement is to allow secure access, using HTTPS, to their new Control Room environment hosted on Automation 360 Cloud. If this is not already enabled, you need to open port 443 in your firewall to allow outward HTTPS communication from your browser and the Bot agent to the Control Room. After the Bot agent is installed, it establishes a web socket connection to the Control Room. No ports need to be open on the customer site for these inbound connections.
- Does Automation 360 Cloud provide a service level agreement (SLA) for service availability?
- Yes, an SLA for 99.9% monthly availability is provided for the customer's access to their production Control Room environment. The SLA does not include planned down time for maintenance and updates to the service. If a customer believes that the SLA has not been met, a service credit can be claimed through Support. Details can be found in our Availability Service Level Terms.
- How does Automation 360 Cloudsupport high availability (HA)?
- Each customer’s Automation 360 environment is deployed using application load balancing across highly available public Cloud infrastructure services. The infrastructure services support both microservices running on Docker containers in Kubernetes clusters and datastores (database, cache, logging, file system, storage) supporting HA across multiple zones within a region. Both AWS and GCP public clouds are used.
- Does Automation 360 Cloud support disaster recovery (DR)?
- Yes, Automation 360
Cloud supports DR. In case of major incidents where
imminent resolution seems unavailable, a disaster situation is declared and
all the tenants within the region affected by the incident are failed over
to another, remote region. The current objectives for this recovery are as
注： RPO is based on backups taken and pushed to another backup region.
- Recovery Time Objective (RTO)
- The time taken to get a new region up and running with the last backup data restored is six hours.
- Recovery Point Objective (RPO)
- The maximum duration for data loss during a restore is six hours.
- Are there maintenance windows for the Automation 360 Cloud?
- Yes, Automation Anywhere updates Automation 360
Cloud once every three months so that customers will
receive automatic and regular updates to the latest software version. For
more information, see Products and Services Lifecycle Policy.
The primary channel for communicating the timing of Cloud status and maintenance windows is the Automation 360 Cloud Service Status site. You can subscribe to this website and receive the updates. Note that you cannot choose when the updates are rolled out across the multi-tenant Cloud. The Automation 360 architecture is designed to allow these timeless updates to roll out without affecting customers’ botdevelopment life cycles.
- What actions should a customer take to plan for an Automation 360 maintenance window?
- A customer’s bot operations should take account of scheduling bots to run outside of the published maintenance windows. These updates are scheduled to run outside of normal business hours on the same day and time per region and focuses on mid-month, avoiding month ends. More details guiding customers on planning around maintenance windows can be found on our APeople Knowledgebase article.
- Is customer data stored on the Automation 360 Cloud?
- Yes, basic automation processes allow customers to keep customer business
data on their own infrastructure using careful bot design.
However, Automation 360 applications increasingly store
customer data on the Cloud. Several Automation Anywhere
products store customer data as part of customer-defined automations,
although typically only temporarily, that is, during the automation process
defined by the customer. For example:
- IQ Bot use typically involves uploading images for processing.
- Recorder and Discovery Bot store recorded screenshots 注： Secure Recording can be enabled by administrators to ensure that these are not stored.
- AARI stores data processed by attended forms.
- Bot Insight can be used to create dashboards made from tagged business data being processed by a bot.
The customer has control over what business data is stored on the Automation 360 Cloud. Note that the source data remains with the customer, and the customer is in control of deleting the data on the Automation 360 Cloud. There should not be customer concern over loss of data as the customer has the main copy of the data in their systems. In general, the business data a customer puts in our Cloud through the use of bots is for the automation purposes only and can then be deleted. The primary storage for the data is not on our Cloud. Customers may need to keep audit logs and dashboard data. Both of these can be exported.
- What is the Automation 360 Cloud Data Retention Policy?
- During a customer’s subscription period, data on the Automation 360 Cloud is under their control. Audit logs have a retention policy of 180 days. Backups are taken every six hours and kept for seven days. After a subscription ends, according to our retention policy, data is held for another 30 days, to allow for renewal or recovery of bots and reports, and is deleted after that. After 60 days, the entire tenant environment is deleted.
- Is data stored on the Automation 360 Cloud using common storage infrastructure?
- Yes. The data storage services used by the Automation 360 Cloud are shared across customers as part of the multi-tenant design. In this way, the infrastructure and operational costs are not passed on to our customers. The Automation Anywhere applications use a unique tenant ID to ensure that data access is logically segregated by tenant. No data processing or storage operations can expose the data of one customer to another customer.
- Can Automation Anywhere personnel access customer data stored on the Automation 360 Cloud?
- Yes. However, operational controls governed by Automation Anywhere compliance certifications ensure that such access is limited to a well-defined set of individuals in CloudOps, SecOps, and support organizations under strict separation of duties. Customer data will be accessed only based on a customer granting permission in order to resolve a support case.
- What compliance covers Automation 360 Cloud?
- The CloudOps are governed by the following certifications based on
third-party audits: SOC 1 Type 2, SOC 2 Type 2, ISO 27001, and
The Automation Anywhere Business Continuity Management system is also certified with ISO 22301.
Customers rely on industry standard certifications for regulatory and compliance reasons. SOC 2 is created by the American Institute of CPAs (AICPA), and it measures IT security controls. The SOC 2 Type 2 certification verifies that Automation Anywhere CloudOps and SecOps teams have taken the appropriate controls and operational processes in place to meet industry standards for secure Cloud operations.
- Are the compliance certifications and summary reports for the certifications available for customers to review?
- Yes, customers can now access the various summary reports and certifications on the Security and Compliance Portal under NDA.
- How does Automation 360 Cloud support GDPR and an individual’s privacy?
- Do Automation Anywhere personnel monitor an Automation 360 Cloud tenant’s environment?
- Yes. All infrastructure and application-level audit logs are monitored to ensure the correct operation of the environment under load. This way, when load thresholds are reached, additional resources can be applied to ensure service availability and performance.
- Does Automation Anywhere report all unsuccessful data breaches to a customer?
- No, Automation Anywhere reports only successful breaches to a customer when that customer’s data has been compromised and on a timeline determined by local law.
- What data does Automation Anywhere collect in order to improve the Automation 360 Cloud service?
- In order to operate and support the service, Automation Anywhere captures logs
which can include usernames from the system. These rotate and are
overwritten every 30 days. Automation Anywhere only collects and uses
telemetry data for purposes of improving the service. Collected telemetry
data includes the following:
- Audit logs: These reflect user activities in the Control Room and applications, for example, a bot was run successfully or a user created a bot.注： The actual username is masked. Logs might include IP addresses, device names, and bot names.
- User clicks on a UX feature: Helps in providing user-specific help and guidance options to the user in the UI based on their experience.
- Where documents are uploaded for processing (for example when using IQ Bot or AISense), Automation Anywhere may reconstruct the format of the document, without the customer’s data, for the purpose of further training the Automation Anywhere AI/ML models to recognize document fields that might contain data for extraction. This aids in improving the applications’ data extraction accuracy.
This telemetry data can be used to monitor the service and is visible per tenant Control Room, and in aggregate, so that feature usage and adoption can be estimated. This can be used by product management to determine which features to prioritize for improvement and to identify features or applications not being adopted. This data can also help CSMs to advise customers on unused features that they could start using and benefit from.
- Audit logs: These reflect user activities in the Control Room and applications, for example, a bot was run successfully or a user created a bot.
- In which geographical region is a customer’s data stored when using Automation 360 Cloud?
- In general, for the pure Cloud deployment model, a customer specifies the regional location at the time of provisioning their Control Room instances, for example, US East, or Japan. Note that we cannot provide the detailed address or location of the physical data center because we use public Cloud providers, who reserve the right to move and do not disclose locations for safety and security reasons. We provide this regional capability to ensure that the Control Room is located in the same region where the customer will perform most of their operations to ensure high performance and usability and to reduce latency. Note that for most locations, the disaster recovery (for Business Continuity) element of the service sends data backups every six hours to another region. The other region is usually in another country.
- Which regional locations does Automation 360 Cloud support?
- Automation Anywhere Control Room environments can be hosted in the following
Primary Backup/DR US West US East US East US West EU-West EU-Central Japan Singapore Singapore Japan Brazil US East Bahrain EU-West India Singapore Australia - South Africa EU-West US Central US EU-West4 EU-Central Canada -
- What if the customer is concerned about data sovereignty (that is, maintaining data in a specified region)?
- For customers concerned about data sovereignty, the Pure Cloud model can only guarantee that data is “stored” in
the US, EU, and in Australia. This does not prevent the data from being
accessed from outside those regions (for example, for support purposes). For
the US, the DR region is kept within the US.注：
- The DR service is not supported in Australia (specifically because most customers in Australia are conscious of data sovereignty).
- Within the EU, we cannot guarantee that data is kept within a specific country within the EU.
- What is a sandbox Control Room?
- A sandbox is a fully priced and supported Control Room that
receives new release updates 3-4 weeks prior to a customer’s main Control Room for bot lifecycle management
(Dev/Test/Prod). The sandbox environment is primarily to allow customers to
try out new releases and sanity-test their production bots.注： IQ Bot and DR are not supported on sandbox environments.
- Is the sandbox the same as a trial environment?
- No. Unlike a sandbox, a trial or proof-of-concept Control Room is provided free of charge for 30 days ahead of a sale, as part of the selling motion with customers.