Infrastructure and security overview

Robocorp Cloud

How is Robocorp Cloud hosted?

Robocorp Cloud is hosted in Amazon Web Services (AWS) datacenters. AWS maintains SOC2 and ISO 27001 compliance certifications among others and provides robust means to provide secure services to Robocorp Cloud users.

In addition to AWS, we use a number of carefully chosen third-party providers. These providers are used for operative, security and analytics purposes. For more information on privacy and our third-party providers, please refer to our Privacy Policy.

What kind of security measures are taken for Robocorp Cloud?

We conduct internal security audits regularly, and every major architectural change undergoes a security review. We also arrange external penetration tests for Robocorp Cloud in order to verify the effectiveness of our security controls.

In the event of a high-risk vulnerability or a threat that could potentially impact our users data confidentiality or the availability of Robocorp Cloud, we aim to fix the issues outside of our regular production update cycles and as soon as possible.

If an external security researcher discovers a vulnerability in any of our products, our Security.txt(https://robocorp.com/.well-known/security.txt) has information on how to get in contact with us.

Does Robocorp Cloud collect sensitive data?

Robocorp Cloud is an orchestrator tool for companies and software robot developers. For the sake of operations, we collect some data on users and usage of Robocorp Cloud. For more information, please refer to our Privacy Policy and our Terms of Use.

Robocorp Cloud requires something we refer to as control data in order to operate. This data includes instructions and commands sent to the runtime environments and the packaged code for processes. For various services we may store and process also data generated by the processes, which we refer to as process data. This data is stored for the convenience of the user, such as error logs so they can be viewed within Robocorp Cloud. In addition, we provide a means for securely storing secrets and tokens in Robocorp Cloud Vault.

However, it is to be noted that it is ultimately up to the software robot developer to choose what is uploaded to Robocorp Cloud. It is good to keep in mind that sensitive tokens, such as passwords or personally identifiable information, should not be hard-coded in robots. It is also advisable to refrain from printing sensitive data into output logs as they could end up in Robocorp Cloud.

How is data protected in Robocorp Cloud?

Any data travelling through the Internet is encrypted in transit using TLS. Furthermore, especially sensitive data such as Vault secrets have two-fold encryption and are also encrypted on the application level. This means proxies or application logs cannot view the data, even accidentally.

Data is stored in AWS and encrypted at rest using industry-standard AES-GCM encryption.

How are vault secrets stored in Robocorp Cloud?

Robocorp Cloud Vault employs multiple techniques to ensure the confidentiality of its contents. At its core, Vault encrypts the contained secrets using AES-256 in Galois/Counter Mode (GCM). Each secret is encrypted with a data key that is unique for the specific secret. The data key is further encrypted with a master key, and the encrypted secret and encrypted data key are stored in a database. This design is commonly referred to as envelope encryption.

The master key is managed and protected by AWS-specific means (KMS), and it is never accessible in plaintext format by the Vault application. Decryption happens only on demand: for example, when opening an individual secret in the Robocorp Cloud Vault web interface or when requested by a digital runtime environment. All data is encrypted in transit using TLS.

Secret payloads are encrypted with an ephemeral key to ensure the requested secret can be opened only by the intended recipient.

Robocorp Cloud Vault is designed to provide a balance of solid security and convenience. We are confident in the design and are happy to discuss and address any further questions. However, please always consult with your organization’s security team to evaluate the suitability of Robocorp Cloud Vault for your specific use case.

Keep in mind that anyone in your organization with access to a shared or private workspace can view the secrets stored in the Vault of that workspace.

Runtime environments

What is self-hosted runtime environment installation (Robocorp App)?

Self-hosted installation of Robocorp App links a computer to Robocorp Cloud and enables Robocorp Cloud to deploy and operate software robots on the computer. Self-hosted installation is suitable for all kinds of different use cases where the user manages the running environment, e.g., on-premise servers, virtual machines, or user-hosted containers. Self-hosted installation is required for software robots that require access to target systems that are not accessible from the Internet.

What is Robocorp hosted Cloud runtime environment?

Robocorp Cloud offers a managed version of a cloud runtime environment, which is launched on-demand in the cloud when robot execution starts. Under the hood, there is a Docker container that runs the Robocorp cloud runtime environment and executes one robot. No local state is maintained between robot runs because a fresh container is used for each run. Currently, one Linux-based container option is available (Robocontainer) and offers a way to execute robots with no hardware setups.

Container runtime environments operate on hardened and isolated server instances.

How does Robocorp Cloud runtime environment communicate with Robocorp Cloud?

Robocorp Cloud runtime environment connects to Robocorp Cloud over standard HTTPS on port 443. All connections are outbound from Robocorp Cloud runtime environment, requiring typically zero firewall rules to be added. The control channel between Robocorp Cloud runtime environment and Robocorp Cloud is implemented using the WebSocket protocol, and the rest of the communication uses traditional HTTP endpoints (REST API). All communication is encrypted on the transport layer. Additional end-to-end encryption and digital signatures are utilized on the application layer for specific important operations.

What data is sent from Robocorp Cloud runtime environment to Robocorp Cloud?

For Robocorp Cloud runtime environment to operate in a Robocorp Cloud Workspace, the only mandatory communication needed is workload-agnostic control data. Control data includes commands from the cloud and generic status information towards the cloud. By default, also standard output and error streams are delivered to Robocorp Cloud for convenience. The software robot developer has full control over what happens to other data being accessed during the robot execution. Additionally, Robocorp Cloud provides several opt-in services for typical robotic process automation (RPA) use cases.

How are artifacts stored and transferred from Robocorp Cloud runtime environment to Robocorp Cloud?

Artifact storage is backed by Amazon S3 and data is encrypted at rest using AWS-provided methods. Artifacts are transferred securely over HTTPS using short-lived S3 presigned requests. You may consider implementing application-level encryption as an additional security measure, however Robocorp Suite does not currently include any specific tooling for this purpose.