Security Considerations

Data security

Process Mining uses your data for analysis and insights, so it is important to consider the security and privacy implications before you import data into Process Mining. All aspects of Process Mining interact over HTTPS to keep your data secure in motion: Mining Prep and Process Mining send event logs and case attributes over HTTPS.

Because your data moves securely within Appian, the primary area of consideration surrounds what kind of data you are sending and who should have permissions to see that data. With Process Mining, you are always in control of what data you choose to include.

This page describes security aspects you should consider when working with Process Mining and Mining Prep.

Data management

Before you add data sets to Mining Prep or event logs to Process Mining, you may need to remove personal identifiable information (PII), personal health information (PHI), financial information, or other data that's legally protected. Protected information can include names, emails, IDs, or other information that could be used to trace or identify a person.

When preparing your data for process mining, you'll want to balance the utility of the data with your own data security policies. There are a couple of approaches you can take to exclude unnecessary or private data:

• Create a database view that excludes columns or filters rows. Import this view into Mining Prep, rather than your entire data set. This option is best when your subset of data requires an advanced query such as data aggregations, joins, or manipulations.
• Use the Import by Query option in Mining Prep to exclude data on import with SQL. This option is best when your subset of data only needs simple SELECT statements to filter.

You may also want to implement more advanced data anonymization techniques when preparing your data, but you must implement this before importing the data into Mining Prep.

API security

Process Mining assigns each user account a unique API key that they can use to communicate back and forth with the system. The API key is also used to send transformed data from Mining Prep to Process Mining. All of these calls occur securely over HTTPS.

In cases of unauthorized disclosure, you can renew your API key. When you renew your API key, the previous key is disabled from further use.

To renew your API key in the Process Mining module:

1. Go to Process Mining.
2. Click More to expand the navigation menu.
3. In the Account section, select Edit Profile.
4. In the API Key section, click Renew API Key .

To renew your API key in the Mining Prep module:

1. Go to Mining Prep.
2. Click User Menu .
3. Click API Key.
4. Click Regenerate.
5. Click Yes.

User privileges

Admins can create organizations and put users into user roles to restrict access across both the Mining Prep and Process Mining modules.

• Organizations determine what users can see.
• User roles determine what users can do.

See Manage Users and Organizations for more information.

Password security

Password requirements for Process Mining match the rest of Appian Cloud:

• Passwords must be at least 7 characters long.
• Passwords must contain at least 1 numeric character.
• Passwords must contain at least 1 letter.
• Passwords must be different than the previous 4 passwords used.

You have 10 attempts to log in before you are temporarily locked out for 5 minutes.

Passwords expire after 90 days. After this time, you will need to reset and change your password to log in.

System timeouts

Appian Process Mining will automatically sign you out of your user session to reduce the risk of unauthorized access.

These timeouts will occur as follows:

• If you are idle for 65 minutes.
• If your session is active for 10 hours.

Feedback