“Personal bots work on employee’s machine, mostly in attended form and perform tasks for the employee — pulling data from multiple sources to create reports, storing client contact data and even creating regular presentations.
Personal bots can be looked at as a digital concierge for employees in an organization. Through advanced mobile interface and virtual assistants, employees can interact with these personal bots installed on their office machines/systems. The personal bot triggered on-demand or scheduled by the employee, can perform tasks on behalf of the employee, even in his/her absence. Just like a digital concierge, this personal bot on the employee’s machine will be well-equipped to take requests and execute.”
The management of security risks is a top-priority issue for the development of RPA. When it comes to personalized bots in RPA, one of the serious concern is to ensure that the confidential data is not misused due to the actions of a personalized bot.
Some generic processes compliant in a personalized bot would be regular business procedures such as file transferring, data processing, process related to payroll, etc. All these require that the automation platforms have access to confidential information (inventory lists, addresses, financial information, passwords, etc.) about a company’s employees, customers, and vendors.
As a result, strong monitoring and security measures of the personalized bot becomes evident.
In a personalized bot, the starting point would be Architecture and Authentication. In a personal bot scenario, one of the issues could be ‘individual authentication’, wherein the robots use employee log-ons and, it becomes increasingly difficult to distinguish human activities from those of the bot. Security is given a boost when each robot is given its own individual log-in, and its own permissions from the system.
The below approach can help effectively monitor and secure the RPA platform:
Integrity: A person needs to ensure the results/data coming from the bot has not been modified/altered.
Currently, the enterprise editions of most of the well-known RPA tools have robust monitoring and security features, which allows organizations to have full control over the security features of the bot. But, when it comes to a personalized bot, the features have to be customized to meet the needs accordingly. For example, AssistEdge 18.0 Enterprise Edition has ‘Control Tower’ component, which has monitoring and security features covered. A component of the Control Tower, i.e. the credential manager ensures the safeguarding of credentials, and end-to-end monitoring of robots can be seen through the dashboard component. Also, all the details related to each transaction executed by the bot are available in the process view component, but for personal bots, all these components will need a re-look.
One might say that by using the features mentioned above in AssistEdge 18.0, the bot is visible, traceable and secure — then why is a re-look needed? Well, automated logins are entirely traceable. The challenge arises when one part of the process is administered by humans, then handed over to robots, then back to humans. The problem here is really about simplification, and lack of straight-through processing or integration, where a single sign-on allows continuous workflows without the stop-start that characterizes handovers. Also, in case of monitoring, the enterprise concept of a dashboard might not be essential, rather personalized information for the individual handling the bot should suffice.
Fundamentally, it comes down to a thorough homework and preparation while handling personal bots to ensure a more robust and secure ecosystem. Today, with enormous opportunities in RPA, the market is exploding with providers who promise to offer quick and easy implementations in cases, where processes can be replaced by a bot. But, what needs to be looked into is how much success will the concept of ‘Robot for every person’ bring.