Companies have long invested in strategies and tools to extract value from the wealth of information at their disposal. Digital Employees are a modern and proven way to do so while freeing employees of the drudgery of connecting and aggregating data from disparate systems. While other technologies also promise to automate these repetitive processes and enhance the capabilities of human employees, SKAEL is unique in its security strategy and approach.
Other solutions expose your data
The best Digital Employees – or solutions that approximate them – call upon a range of capabilities to quickly and effectively streamline complex workflows by processing data. These capabilities can include Natural Language Processing (NLP), intent recognition, entity extraction and forms processing, to name a few.
Because these features are sophisticated and require extensive expertise and experience to develop and maintain, the vendors of some solutions – like the ones based on Robotic Process Automation (RPA) – rely on third parties for these services. By partnering with large platforms like Microsoft Azure, Amazon Web Services (AWS) and Google Cloud Platform (GCP), these vendors can use the NLP and other services that Microsoft, Amazon and Google developed for the world at large. Vendors simply make an external call to one or more of these large platform providers to process their customers’ data.
It might sound appealing to a company like yours that a well-respected global platform is processing your data. But that approach comes with a tremendous disadvantage because it unnecessarily exposes your data to a third party.
As requests leave your enterprise environment, your company faces the risk that sensitive information and systems will be exposed. As EY says, “RPA introduces a new attack surface that can be leveraged to disclose, steal, destroy or modify sensitive data and/or high-value information, access unauthorized applications and systems, and exploit vulnerabilities to gain further access to an organization.”
SKAEL doesn’t depend on third parties
Addressing this major risk is what underpins our development approach and philosophy at SKAEL. We develop all our capabilities and services in house so we can keep our customers’ data safe. The following services/capabilities are built into the SKAEL platform:
- Machine learning algorithms
- Intent recognition
- System entity extraction
- Custom entity extraction
- User utterance synonym generation
- Custom entity synonym generation
- Natural language processing
- Natural language understanding
- Natural language generation
- Document and forms processing
- Full-service conversational engine
- Website, web page scraping and entity extraction (coming soon)
While this in-house approach means our development roadmap is a bit longer than other vendors’, it’s the right approach because it’s the best way to help our customers reduce risk and stay compliant with data regulations.
By building all needed capabilities into our platform, we keep your data safely within a containerized Kubernetes cluster. To process your data, we do not make any external calls.
In fact, we are not dependent on any third parties, like Microsoft .Net framework, and third-party packages or custom hardware (like GPUs). This eliminates any security issues caused by version mismatch, specific hardware needs, or expiration of third-party licensing packages.
But that doesn’t mean we just hope for – or assume – the best. We automate security checks with DAST (dynamic application security testing) to regularly conduct web application penetration testing through a reputable third-party security services company. These tests, based on the OWASP testing methodology in accordance with Center for Internet Security (CIS) Controls and National Institute of Standards and Technology (NIST) guidelines, examine:
- Access control
- Session management
- Error handling
- Susceptibility to brute-force attacks
- Authentication and authorization
- Open source intelligence gathering
We also regularly conduct API (internal product) penetration testing, and are progressing toward achieving SOC 2 certification.
We protect data in motion, in use and at rest
We protect data in motion via HTTPS or SSL/Transport Layer Security. We also require HTTPS on all pages, and use HSTS to ensure browsers only connect to our platform over a secure connection and to help thwart web based attacks.
We encrypt data at rest using encryption up to AES256. Since our platform does not depend on Microsoft's .NET Framework or other third-party packages, we eliminate any security exposure associated with the security levels of third parties. Your application data only lives a short life in our platform’s transactional memory. Once the automation step is completed, we wipe the data clean.
We offer our solution via secure Kubernetes containers via our own secure cloud instance hosted in Google Cloud Platform (GCP), as well as in private cloud environments offered on AWS, Microsoft Azure, and GCP.
SKAEL doesn’t store, share, or require changes to your data
Moreover, we do not store your data on our platform or share it with anyone other than your authorized users. Specifically, we do not save any data from your applications and data sources, including any banking information or credentials used for financial transactions. We directly send financial institution credentials to the respective financial account aggregator (Plaid and Stripe) from your employee’s browser. Our servers never see user credentials, and Plaid and Stripe adhere to leading industry practices for data security, regulatory compliance, and privacy.
At the same time, you don’t need to change, alter, or adjust your data, workflows, or processes to use our Digital Employees. In fact, you don’t need to worry about any related security concerns because our solution is designed to adjust to your existing toolsets and business requirements. Build Digital Employees with the confidence that SKAEL’s security program is keeping your sensitive data safe and secure.
Want to see if SKAEL is right for your automation needs? Schedule a demo.