Credential Vault

The Robility Credential Vault is a secure feature designed to store and manage sensitive information such as credentials, API keys, and confidential data within the Robility platform. It ensures secure access to secrets during automation workflows, minimizing exposure risks.

By default, the Credential storage is set to “Robility Manager Instance”. This option can be configured in the tenant selection area. Click here to learn more about it. This step is crucial for the tenant admin because all credentials will be stored in the area based on the storage configuration. 

How the Credential Vault is Secured

1. Tenant Isolation: Credentials for each tenant are stored in isolated databases that are physically separate and hosted in Azure SQL Managed Instances (Azure SQL MI). These databases are protected with Transparent Data Encryption (TDE) to secure data at rest, ensuring tenant-specific security.

2. Encryption Mechanism: AES-256 Encryption: The Robility Credential Vault employs AES (Advanced Encryption Standard) with a 256-bit key to encrypt sensitive data. This industry-leading encryption ensures robust security for stored secrets. Encryption keys are securely managed and stored within the Robility infrastructure.

3. Secure Communication: All communication between Robility components, such as bots, the Credential Vault, and the Robility Manager, is secured using TLS 1.2 (Transport Layer Security), safeguarding data in transit.

4. Role-Based Access Control (RBAC): Robility enforces strict role-based access controls, ensuring that only authorized users and processes can access or modify stored credentials.

5. Audit Logs: Credential Vault activities, such as storing, retrieving, or modifying credentials, are logged to support audit and compliance requirements. 

Third Party Vault Integration

Robility integrates seamlessly with external credential management systems, allowing organizations to leverage existing solutions for secure credential storage and retrieval.

Supported Third-Party Vaults:

Azure Key Vault: Allows secure storage and management of credentials using Azure’s encryption and policy controls. Click here to configure Azure Key Vault. 

Advantages

1. Enhanced Security: Implements advanced encryption and access controls to protect sensitive data.
2. Centralized Management: Streamlines credential management by centralizing sensitive information storage.

Challenges

1. Infrastructure Dependency: Requires a well-maintained Robility Manager or third-party vault integration. 
2. Configuration Complexity: Initial setup for third-party vault integration may require expertise.
3. Credential Rotation: Automating credential rotation for sensitive accounts may require additional workflow configuration.