Skip to main content

Data security and compliance

UiPath designs and operates its cloud platforms with a strong focus on protecting data confidentiality, integrity, and availability. Cloud platforms and the UiPath platform as a whole have several security attestations that UiPath has completed voluntarily. UiPath also continuously performs internal and external security verifications and actively monitors its security posture.

The specific security certifications, attestations, and regulatory frameworks that apply depend on the cloud deployment model you use. Some certifications or compliance programs are available only for certain offerings or environments.

Public information about UiPath security practices and certifications is available in the Security section on uipath.com. In addition, UiPath can provide further details about operational and security practices under a non-disclosure agreement (NDA) for customer verification or security review purposes. To request this information, contact your UiPath account team.

Test Cloud

Test Cloud follows UiPath’s standard cloud security program and includes security attestations. For the full list of applicable attestations and details about UiPath security controls for commercial cloud platforms, see the Security section on uipath.com.

Figure 1. Test Cloud architecture diagram

Test Cloud Public Sector

Test Cloud Public Sector operates within a FedRAMP-compliant environment, adhering to the requirements of the Federal Risk and Authorization Management Program.

FedRAMP compliance includes the following:

  • Data encryption: To achieve FedRAMP compliance, we employ FIPS 140-2 validated encryption for data at rest and in transit, ensuring the highest level of data protection.
  • TLS protocol: Our software utilizes TLS 1.2 or higher to secure data transmissions, guaranteeing the confidentiality of your information during transit.
  • Integration assurance: Any third-party services integrated with our platform maintain an equivalent FedRAMP certification.
  • Access control: Access to the FedRAMP-compliant environment is strictly limited to US permanent residents and citizens located within US soil, reinforcing data security.
  • Secure images: Our services utilize secure images for all components to eliminate vulnerabilities and bolster security.

Test Cloud Dedicated

Test Cloud Dedicated includes security certifications and attestations that reflect its isolated, customer-specific delivery option:

  • Certifications:
    • ISO 27001
    • ISO 27017
    • ISO 27018
    • ISO 9001
    • HITRUST
  • Attestations:
    • SOC 1
    • SOC 2
    • HIPAA
    • C5