Encryption in Zoho RPA | Zoho RPA help

Encryption in Zoho RPA

Encryption is primarily used to safeguard the contents of a message so that only the intended recipient can read it. This is done by replacing the contents with unrecognizable data, which can only be understood only by the intended recipient. 

Encryption can be used in two situations:
  1. Encryption in Transit
  2. Encryption at Rest (EAR)

Encryption in Transit

This refers to data that is encrypted when it is in transit, such as from your browser to the web server and other third parties via integrations. Encrypting data in transit protects your data from man-in-the-middle-attacks. Learn more about Encryption in Transit

Encryption at Rest

This refers to data that is encrypted when it is stored (not moving), such as data on a disc, in a database, or some other form of media. In addition to encryption of data during transit, encryption of data when it is stored in the servers provides an even higher level of security. EAR protects against any possible data leak due to server compromise or unauthorized access.
Encryption is done at the application layer using the AES-256 algorithm. AES-256 is a symmetric key encryption algorithm that uses 128-bit blocks and 256-bit keys. The key used to convert the data from plain text to cipher text is called Data Encryption Key(DEK). The DEK is further encrypted using the KEK (Key Encryption Key), providing yet another layer of security. The keys are generated and maintained by our in-house Key Management Service(KMS). Learn more about our KMS

What data do we encrypt in Zoho RPA?

The data encrypted in Zoho RPA includes, but is not limited to
  1. Audit trail
  2. RPA flow History logs
  3. RPA agent installation keys for agent registration to the organization
  4. Data transferred to the RPA agent for workflow execution,  with encryption during transit and temporarily encrypted and stored until execution completes and it's deleted
  5. Personally identifiable information
  6. App connections (Tokens and user credentials) powered by Zoho Flow
  7. All data stored in action configurations
Notes
Note: Personally identifiable information includes the verified From email addresses when using the Send Email action, the email addresses of pending user invites to a Zoho RPA organization, and lead data from marketing, such as name, email address, and country.

Full disk encryption

Besides application-layer encryption, full disk encryption is available in all our data centers.