Understanding platform security part 2

In this article, we continue exploring ServiceNow platform Security. have a look at part one if you missed it.

Every organization wants to ensure that their data is inaccessible for unauthorized users..even if unauthorized users gain access to data, they won’t be able to read it, that is where encryption becomes very important.

ServiceNow provides the capabilities to encrypt data in transit and data at rest.

Data in Transit

We can think about data in transit as data moving from one point to another, that can be through the internet or your network. Obviously, because data is moving, we need to make sure that it’s protected from tampering or interception- how does ServiceNow secure our data in transit?
Data transferred between a browser and a ServiceNow instance is transferred over HTTPS using TLS AES 128 or AES 256
What is AES 128?
In brief AES symmetric encryption meaning that uses the same key to encrypt and decrypt. symmetric encryption encrypts large amounts of data very quickly.

Data at Rest

We can think about Data at Rest as the data stays in one place or data not actively moving – for example data stored in Database or/and data storage.

ServiceNow provides the below encryption:

  • Symmetric AES-256 encryption for the Database layer
  • AES128/ AES256 encryption for column level encryption
  • Full disk encryption, meaning the encryption is part of hardware controller.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s