Data protection and access control Independent categories for Bot Creators and Bot RunnersFor logical separation of duties, Control Room divides automation users into two broad categories: Bot Creators (development) users and Bot Runners (run-time) users.Role Based Access ControlControl Room implements Least Privileges and Separation of Duties through a configurable Role-Based Access Control (RBAC) capability that conforms to requirements in NIST AC 2, 3, 5, and 6.RBAC on botsAccess is deny-all and allow by exception based on roles.RBAC on Bot RunnersRole-based access control (RBAC) on Bot Runners facilitates complete isolation of one department Bot Runner seamlessly from the remaining department Bot Runners.RBAC for Credential Vault credentials managementCredentials created in the Control Room are used across Bot Creators and Bot Runners.Role-based processing domainsThe Control Room RBAC applies the least privilege principles to domains by implementing Processing Domains, specifying role-based privileges, and permissions at the bots and Bot Runners level. RBAC on Audit logAudit is automated for all privileged and nonprivileged roles to conform to best practices, as defined in NIST AC-6.RBAC on viewing bot activityThe Control Room Activity menu provides options shows the status of the Automation Anywhere Enterprise automations. These options are: In Progress, Scheduled, and Historical.RBAC on user managementAccess is deny-all and allow by exception based on roles, domains as defined in RBAC. Only those users with access to User Management can manage users in system.RBAC on roles and permissions managementAccess is deny-all and allow by exception based on roles, domains as defined in RBAC.RBAC on bot schedulesAccess is deny-all and allow by exception based on roles, domains as defined in RBAC.RBAC on license managementAccess to license management is deny-all and allow by exception based on roles, domains as defined in RBAC.Secure application partitioningAutomation Anywhere provides security options to enable and enforce secure bot execution consistent with best practices under NIST SC-2: Secure Application Partitioning.Bot execution access by dynamic access tokenThe Control Room implements and enforces a Trusted Path for registration and authentication of Bot Creators and Bot Runners in accordance with NIST SC-11 to protect against any attempt to execute unauthorized bots.Secure credential store Credential VaultThe Automation Anywhere platform provides a centralized Credential Vault to securely store all credentials and provision them to bots on an on-demand basis.Security at-restSecurity in-transit: support for secure protocolsThe Automation Anywhere platform supports secure protocols such as Transport Layer Security (TLS) 1.2 and HTTPS data transfer.
Data protection and access control Independent categories for Bot Creators and Bot RunnersFor logical separation of duties, Control Room divides automation users into two broad categories: Bot Creators (development) users and Bot Runners (run-time) users.Role Based Access ControlControl Room implements Least Privileges and Separation of Duties through a configurable Role-Based Access Control (RBAC) capability that conforms to requirements in NIST AC 2, 3, 5, and 6.RBAC on botsAccess is deny-all and allow by exception based on roles.RBAC on Bot RunnersRole-based access control (RBAC) on Bot Runners facilitates complete isolation of one department Bot Runner seamlessly from the remaining department Bot Runners.RBAC for Credential Vault credentials managementCredentials created in the Control Room are used across Bot Creators and Bot Runners.Role-based processing domainsThe Control Room RBAC applies the least privilege principles to domains by implementing Processing Domains, specifying role-based privileges, and permissions at the bots and Bot Runners level. RBAC on Audit logAudit is automated for all privileged and nonprivileged roles to conform to best practices, as defined in NIST AC-6.RBAC on viewing bot activityThe Control Room Activity menu provides options shows the status of the Automation Anywhere Enterprise automations. These options are: In Progress, Scheduled, and Historical.RBAC on user managementAccess is deny-all and allow by exception based on roles, domains as defined in RBAC. Only those users with access to User Management can manage users in system.RBAC on roles and permissions managementAccess is deny-all and allow by exception based on roles, domains as defined in RBAC.RBAC on bot schedulesAccess is deny-all and allow by exception based on roles, domains as defined in RBAC.RBAC on license managementAccess to license management is deny-all and allow by exception based on roles, domains as defined in RBAC.Secure application partitioningAutomation Anywhere provides security options to enable and enforce secure bot execution consistent with best practices under NIST SC-2: Secure Application Partitioning.Bot execution access by dynamic access tokenThe Control Room implements and enforces a Trusted Path for registration and authentication of Bot Creators and Bot Runners in accordance with NIST SC-11 to protect against any attempt to execute unauthorized bots.Secure credential store Credential VaultThe Automation Anywhere platform provides a centralized Credential Vault to securely store all credentials and provision them to bots on an on-demand basis.Security at-restSecurity in-transit: support for secure protocolsThe Automation Anywhere platform supports secure protocols such as Transport Layer Security (TLS) 1.2 and HTTPS data transfer.