In this article, we continue exploring ServiceNow platform Security. have a look at part one if you missed it.
Every organization wants to ensure that their data is inaccessible for unauthorized users..even if unauthorized users gain access to data, they won’t be able to read it, that is where encryption becomes very important.
ServiceNow provides the capabilities to encrypt data in transit and data at rest.
Data in Transit
We can think about data in transit as data moving from one point to another, that can be through the internet or your network. Obviously, because data is moving, we need to make sure that it’s protected from tampering or interception- how does ServiceNow secure our data in transit?
Data transferred between a browser and a ServiceNow instance is transferred over HTTPS using TLS AES 128 or AES 256
What is AES 128?
In brief AES symmetric encryption meaning that uses the same key to encrypt and decrypt. symmetric encryption encrypts large amounts of data very quickly.
Data at Rest
We can think about Data at Rest as the data stays in one place or data not actively moving – for example data stored in Database or/and data storage.
ServiceNow provides the below encryption:
- Symmetric AES-256 encryption for the Database layer
- AES128/ AES256 encryption for column level encryption
- Full disk encryption, meaning the encryption is part of hardware controller.