Delivering enterprise-grade security and governance capabilities is core to our customer’s success, as well as our own.
With this in mind, we’ve built data centers around the world; we’ve launched features like role-based access control, activity audit logs, and data masking; and we’ve taken the steps necessary to comply with regulations like GDPR as well as complete the SOC-2 Type II security audit.
These measures, among others, have led cutting-edge organizations across a myriad of industries—from Atlassian to MGM Studios—to trust our platform when building workflows that use sensitive and business-critical data.
And yet, for enterprise organizations that use robust security practices, or that operate in highly-regulated industries, we knew there was even more we could do.
That’s why we’re excited to announce the launch of Workato Enterprise Key Management, or EKM—making us the first enterprise iPaaS to provide this for clients.
To better understand Workato EKM, we asked Jayesh Shah, our SVP of Global Solutions Consulting and Security Operations, some commonly-asked questions.
First off, what is enterprise key management?
Jayesh Shah: It allows our clients to use their own encryption keys from their preferred service, such as AWS Key Management Service. This gives clients complete visibility and control over a key’s lifecycle, whether that’s creating, disabling, or deleting the key.
In terms of how this works in Workato, it allows you to encrypt your connections and jobs data using your own keys; the default is that Workato manages the encryption keys.
Why are we offering enterprise key management?
JS: While Workato already provides best-in-class data protection, this gives organizations in industries like financial services or health care, in addition to large, global organizations with mature security practices, an additional layer of control and security.
Does EKM affect my ability to access other platform features?
JS: It certainly doesn’t! Everything you’ve come to love about Workato and that you’re hoping to try is still fully available. This is transparent to your enterprise users of the Workato platform.
How can I access this feature?
JS: This feature is currently available on certain plans. To find out if it’s available on yours, and to learn more about its pricing, you can connect with your dedicated customer success manager. They’ll also be able to walk you through Workato EKM’s capabilities in greater detail and help you suss out whether it makes sense for your organization.
What else can I do to protect my data in Workato?
JS: That’s a great question. Assuming you have several employees using the platform, I would certainly take advantage of our role-based access control and follow the principle of least privilege when using it. In other words, when assigning access levels to various roles, make sure each only receives those that are absolutely necessary within a given environment (develop, test, and production) for their role or function.
There’s obviously a whole lot more you can do to keep your data safe in Workato. To better understand the tools at your disposal, I’d recommend watching our recent webinars on the topic: this one covers the foundational steps you can take while this one explores more advanced measures.