
Appian Protect: Security Monitoring, End-to-End Encryption, and More

Dan O'Keefe, Appian
March 15, 2023

Data is the heart of business operations. And much of that data is sensitive or regulated. Cyber threat actors know they can benefit financially from your data by holding it for ransom or selling it on the dark web. The most recent Cost of a Data Breach Report 2022 from Ponemon Institute and IBM clocks the average data breach cost at $4.35 million USD (that’s $164 USD per data record). 

The stakes are high. Your security must be too. That’s why organizations across industries, such as financial services, government, and healthcare, have placed their trust in Appian to help protect their sensitive and highly regulated data. 

Appian Protect is a tiered offering that comprises the full breadth of our ongoing security efforts: end-to-end encryption capabilities, 24x7x365 monitoring, defense-in-depth data protection, and multiple industry-standard compliance certifications. Appian Protect offers native security features to protect your data across the cloud and mobile devices, with upgrades available for advanced security features and enhanced control.
 

Built on a strong foundation. 

Appian has always provided a trusted and secure platform to keep your data safe. Appian customers get continuous platform monitoring, fast incident detection and response, and multiple strong security layers to protect against a myriad of threat vectors. We also maintain many industry-standard compliance certifications that are independently assessed by third parties. These include SOC 2 Type II, SOC 3, HIPAA, FDA 21 CFR Part 11, DoD Impact Level 5, PCI DSS, FedRAMP, and HITRUST. More recently, Appian has also achieved the State Risk and Authorization Management Program (StateRAMP), Canada Protected B, UK Cyber Essentials Plus, and Spain’s National Security Framework (ENS) accreditations.

While Appian Protect is a tiered security offering, all Appian customers receive access to a strong foundation of security features embedded in the platform. These include:

  • Data loss prevention: Continuously monitor for abnormal user behavior or actions. This helps alert security teams to potential incidents that could lead to data breaches or destruction and keeps your data safe from potential threats. 
  • Monitoring with security orchestration, automation, and response (SOAR): Protecting a platform that processes more than six billion daily transactions requires efficiency. To remain secure at scale, we built our own SOAR solution using Appian to continuously monitor the platform. SOAR automates a number of security activities—from data collection to alerting to issue triage to security responses—so our own security team can respond confidently to any issues.
  • Real-time intrusion detection and monitoring: We’re not the only ones protecting the platform—we work with a highly rated third-party security firm to provide 24x7x365 security monitoring for potential intrusions and to offer insider threat protection.
  • Comprehensive antivirus scans: All files are automatically scanned for malware when uploaded. We also run regular scans after updating our virus database for round-the-clock protection.
  • Enterprise-ready authentication and authorization with single sign-on (SSO): Ensure only the right users can access your applications with support for multiple authentication and authorization protocols. Choose between our built-in authentication or connect to your own LDAP, SAML, OpenID Connect, or Login.gov. 
  • Integration authentication: No matter what integration you use, Appian Protect supports strong authentication protocols so you can protect your integrations. This includes OAuth 2.0, Google Service Account Authentication, and AWS Signature Version 4.
  • Inbound web API authentication: Protect against attempts to hijack applications via malicious API calls. Appian Protect supports multiple industry standards, including API Keys and OAuth 2.0. 
  • Row-level data fabric security with user access preview: Safeguard data records by easily setting record access and authorization rules. Simply select who sees what and when with no-code rules. Plus, you can check your work with user access previews to see what a user with a given role will see during a specific instance. 
     

Advanced features, as needed. 

For those customers who want greater control over their security posture, Appian Protect offers additional features for each support tier. 

At the Essential level, you get:

  • Multiple private connectivity options for inbound and outbound traffic, so you can use your own network resources in addition to Appian Cloud. 
  • Inbound and outbound AWS PrivateLink to cordon off the environment from the web and connect to your other self-managed resources. 
  • Trusted IP allow lists to restrict access to specific inbound traffic and further prevent unauthorized access.
  • Custom transport layer security (TLS) policies to enforce specific TLS 1.2 configurations on environments. 
     

The Advanced level offers:

  • The ability to bring your own key (BYOK) for Appian Cloud disk encryption.
  • Access to database encryption for further protection.
  • Log streaming so users can access log data for their own security information and event management (SIEM) or a log management tool to monitor security and performance. 
  • Additional business continuity protection by storing data in two US locations to avoid downtime during regional outages. 
     

The Enterprise level offers white-glove security consultations, including:

  • Site audit requests.
  • An annual security questionnaire. 
  • An annual customer audit.

At the Enterprise level, our highest-level security offering, you’ll not only ensure your security posture is strong—but also be able to demonstrate that strength to compliance officers as needed. Additionally, while all Appian users can isolate data for customers, Enterprise users can gain further data isolation by hosting their own instance in a virtual private cloud (VPC).

 

Safeguard your data with Appian Protect. 

Whether you’re protecting sensitive data for your customers or complying with regulations, Appian Protect gives you unmatched security assurance. We’ll help safeguard your data at rest, in use in applications, and in transit. You’ll benefit from our years of experience with regulations to help keep you in compliance with local, state, federal, and global regulations. And we’ll do it all at scale.

In short, with Appian Protect, you start with strong security—and can build up as needed. Learn more by visiting the Appian Protect page.