Workato Security Overview

Last updated: June, 2021

Workato is committed to providing a highly secure and reliable integration and business automation service. This includes maintaining the confidentiality, integrity and availability of its customers' information. To achieve this we use proven, tested, best-in-class security tools, technologies, practices and procedures. These follow industry standards and frameworks including CIS and NIST.

Compliance

SOC 2 Type 2 audited

Workato has successfully completed a Service Organization Controls 2 ( SOC 2 ) Type 2 audit with a third-party evaluator certified by The American Institute of CPAs (AICPA). This audit uses the Trust Services Principles, published by the AICPA, to evaluate the effectiveness of a service organization's controls with respect to security, availability, and confidentiality. Audit reports are available to current and prospective customers under NDA.

PCI

Workato uses PCI Compliant Level 1 audited payment processor Stripe for processing credit card payments for the Workato services.

Hosting Environment and Physical Security

Workato is hosted on public cloud infrastructure from Amazon Web Services (AWS) and Google Cloud Platform . Both Amazon and Google maintain high standards of security for their data centers. You can read further about AWS and Google security here:

aws.amazon.com/security/
cloud.google.com/security/

Network Security

The Workato website is only accessible over HTTPS. Traffic over HTTPS is encrypted and is protected from interception by unauthorized third parties. Workato follows current best practices for security, including the use of industry standard TLS 1.2 and 1.3 encryption algorithms with a key length of at least 128 bits.

Workato also uses secure protocols for communication with third-party systems: usually HTTPS, but other protocols such as SFTP and FTPS are also supported. For on-premise systems, access requires the installation of an on-premises agent behind the firewall, which communicates outbound to Workato over an encrypted link, using TLS 1.2.

Workato uses a multi-tier architecture that segregates internal application systems from the public Internet. Public traffic to the website passes through a Web Application Firewall (WAF) and is then routed to interior systems running on private subnets. Interior as well as exterior network traffic uses secure, encrypted protocols. All network access, both within the datacenter and between the datacenter and outside services, is restricted by firewall and routing rules. Network access is recorded into a centralized secure logging system.

Authentication

Customers login to Workato using a password which is known only to them. Password length, complexity and expiration standards are enforced. Passwords are not stored; instead, as is standard practice, only a secure hash of the password is stored in the database.

Workato customers can optionally configure their accounts to use Two-Factor Authentication, by means of an authenticator app such as Google Authenticator, Microsoft Authenticator, or Authy.

Workato supports integration with 3rd party SAML compliant Single Sign-On (SSO) systems. This allows an enterprise to manage access to Workato as well as other enterprise applications and apply custom authentication schemes and policies.

Workato also supports Single Sign-On using 3rd-party credentials including Google and Microsoft Office 365.

Workato’s best practice recommendation is for customers to use SSO or Two-Factor Authentication.

Workato supports automatic session logout after a period of time. The timeout can be set from 15 minutes up to 14 days. Enterprises can set the appropriate timeout period according to their security needs.

When Workato recipes connect to remote systems using user-supplied credentials, where possible this is done using OAuth2, and in those cases, no credentials need to be stored in the Workato system. However, if a remote system requires credentials to be stored, they are encrypted using a 256-bit key.

Workato’s best practice recommendation is for customers to use an integration specific user identity (ISU) with appropriate entitlements/scopes for connection authentication for applications that are part of the recipes

Application Development and Testing

Workato has a comprehensive software development lifecycle process that incorporates security and privacy considerations. Design and code reviews, as well as unit and integration testing, are part of the process.

Development staff receive regular training on Secure Coding Practices, including avoidance of the OWASP Top Ten Web application vulnerabilities.

Vulnerability and Penetration Testing

Workato conducts regular internal vulnerability testing. Workato also engages a qualified 3rd-party to conduct a regular platform level vulnerability and penetration test.

The results are analyzed and vulnerabilities are addressed based on risk and severity.

Data Privacy

Workato has a public Services Privacy Policy, which details the types of personal information we collect, our handling of this information, and our customers’ privacy rights.

Transaction Data Retention and At-Rest Protection

All information on the Workato platform is encrypted at rest and in transit. All data stored in the Workato system is encrypted at rest using a strong encryption algorithm (AES-256).

Workato has innovative key management features for securing customer data: Transaction data is double-encrypted. All data is encrypted with a global key managed by our cloud providers. These keys are rotated at least annually. In addition, Workato encrypts data with secondary, tenant-specific keys whose lifetimes are tied to the configured retention period for the data. A new key is generated hourly and this key is used to encrypt all data for a single customer within that hourly period. At the end of the configured retention interval, the key is deleted, effectively erasing the data by making it unreadable. Subsequently, the data storage is also reclaimed.

Workato stores a log of transactions for a limited period of time, in order to provide visibility into system activity, facilitate testing and debugging, allow the re-running of failed transactions, and to support long running transactions. The maximum retention period varies by Workato plan and in some plans is configurable. In addition, Workato provides the capability to stream transaction logs to an external HTTPS endpoint, for longer-term retention and/or analysis.

Data Masking

Workato provides the ability to mask out sensitive data for additional security. The data masking feature can be applied to individual Workato recipe steps (triggers or actions). The input and output of a masked action step are not shown or stored as part of the job history view. Masked trigger data must still be persisted, to support error recovery and retry of a failed recipe job; but when masking is enabled for subsequent steps (action steps), data from those steps is only stored transiently in memory when processing.

Data Localization

Workato recognizes that some users may prefer that their data be stored and processed in a specific non-U.S. region. Workato now supports the option to host in selected non-U.S. regions. All account data, including recipes, connections, user profiles, and other configuration data in the Workato account, will be stored in the customer’s selected region, as will all job history logs. However, certain kinds of interaction with Workato may still involve transfer of data to the U.S. or other localities, for example: using our in-app chat or filing a support ticket.

High Availability

Workato is designed to offer high availability and resilience to service disruption. Technical measures used to ensure high availability include: running Workato services in redundant clusters, utilizing multiple redundant cloud Availability Zones, and continuous replication of the application database to a standby system.

Current system status and recent uptime statistics are continuously available at status.workato.com.

Workato has implemented a Business Continuity and Disaster Recovery program. This program includes not just measures to ensure the high availability of Workato’s IT assets, but also contingency planning for natural disasters and other possible disruptions.

Incident Response

Workato has deployed a variety of security and monitoring tools for its production systems. There is 24x7 monitoring of the security status of its systems and automated alerts are configured for security and performance issues.

While we don't anticipate there being a breach of our systems, Workato has put in place a Security Incident Response Plan, which details roles, responsibilities and procedures in case of an actual or suspected security incident.

Our Organization

All employees are subject to background checks that cover education, employment and criminal history, to the extent permitted by local law. Employment at Workato requires written acknowledgement by employees of their roles and responsibilities with respect to protecting user data and privacy.

Workato applies to the principle of least privilege for access. All access and authorization rights are reviewed regularly. Access or authorization rights will be withdrawn or modified, as appropriate, promptly upon termination or change of role

Workato maintains an information security training program that is mandatory for all employees.

Knowledgeable full-time security personnel are on staff.

Vulnerability Disclosure

Workato welcomes reports of vulnerabilities or other security issues.

Note that we are primarily interested in issues that may affect authenticated users of our services rather than issues relating to our public facing sites, many of which are hosted by 3rd parties unrelated to our services. Note also that we generally do not allow automated scanning of our sites and may block it if detected.

Vulnerability reports will be acknowledged and reporters kept apprised of their report’s status.

Reports can be submitted to vulnerability@workato.com .