Enterprise Data Security Features
Below are some of the data security related features that ARGOS Low-code AI/ML Integration Platform includes in our standard package.
- Full On-prem Deployment (customer choice)
Most of our customers choose to deploy ARGOS Low-code platform as a cloud solution. However, when data protection policy requires all ARGOS components and automated transactions to be kept within customer’s own network, we provide a full on-premises package. (please contact your local implementation partner as a minimum contract size applies.)
- Customer Data Security
For the ARGOS Low-code cloud solution, none of the 3 components, the Scenario Studio (STU), Process Automation Module (PAM), and Supervisor, saves or stores any customer data as files. When a queue is required for an automation processes (and the queue holds customer data), the queueing solution can be implemented independently within customer’s own network.
- Customer Credentials
While hardcoding customer credentials into Automation Scenario can be done, as more secure options, we provide various Vault solutions for storing such credentials from 3rd party and partners.
Even when the customer credentials are hardcoded in the Automation Scenario, they will not appear in the PAM’s execution logs.
- Role-base Access Control
ARGOS Low-code platform is a multi-tenant platform. Most of the multi-tenancy management features are implemented with Supervisor. There are 4 user authority levels with ARGOS RBAC; Master, Developer, Operator, and Viewer.
Supervisor login password is encrypted uses SHA 256.
- File Encryptions
ARGOS Low-code platform uses AES 256 to encrypt the Automation Scenario files. Once encrypted and saved for deployment the Automation Scenarios file can only be opened for modification by the STU account that generated the Automation Scenario file.
- Bot Expiration Control
No Automation Scenarios can be deployed (deployment means running without STU) unless the Automation Scenario files are SAVED at Supervisor.
For scheduled deployment, you can set Start and End date to determine the life of the Automation Scenario.
For on-demand deployment from Supervisor, only Authorized account can have access to the on-demand execution page.
Both Automation Scenarios and PAMs can be paused, locked, or deleted to prevent unwanted executions. This can stop execution of the Automation Scenarios even when they were distributed in the forms of .exe or .ebot files.
- Audits and Logs
Automation Scenario logs are generated by PAM and they can be stored at a designated customer secure storage by configuring it at PAM’s settings. The contents of PAM’s log are fully configurable as well. You can set it from "no log" to full-detail logs with all operations and parameters (default).
- PAM Configurations and Settings
PAM configuration and registration are password protected and monitoring/alarms settings for any modifications by Supervisor is supported.
Other Security Related Enhancements
- ARGOS Low code uses HTTPS to communicate STU/PAM/Supervisor.
- All communication between servers also needs authentication and authorization by secured ID before connections
- ARGOS LABS regularly applies patches to enhance web security.
- Regular security checks are performed to determine whether there are any security risks for SQL Injection, AAA(Authentication, Authorization, Audit), and API encryption.
- Increased password complexity (backend)
- Sensitive data handling policies have been enhanced
- Access control has been enhanced for Security (Supervisor menu, API, and Data)
- Information that can infer the server configuration is hidden so that it is not exposed to the outside.
- Cross site scripting has been addressed
- Reinforcing CORS (Cross-Origin Resource Sharing) usage policy