ServiceNow – Securing Fields – 7 Column Level Encryption

Secretary of Simplification
4 Jan 2023 12:05

Summary

TLDR: This video provides a concise introduction to column-level encryption in ServiceNow, focusing on securing sensitive data such as strings, dates, and attachments. It guides viewers through the setup process, including creating a cryptographic module, defining access policies, and configuring encrypted fields. The tutorial emphasizes the importance of careful planning, as encryption can affect existing workflows and user access. For those seeking a deeper understanding, the video encourages further exploration of detailed courses on Now Learning. This approach ensures data privacy while maintaining accessibility for authorized users.

Takeaways

  • 🔐 Column level encryption is a server-side encryption method for string-based fields, ensuring data privacy and security.
  • 🔑 Only users with specific roles can access encrypted field values; unauthorized users will not see the field at all.
  • 📚 There are three in-depth courses available on Now Learning that cover column level encryption in detail.
  • 🚗 The example used in the video involves encrypting the 'pin' field in the 'cars' table.
  • 👤 Admin users have the ability to view and modify encrypted fields, while regular users cannot see them.
  • ⚙️ Setting up column level encryption involves creating a cryptographic module and defining key parameters.
  • 🛡️ Assigning role access is crucial to ensure that only authorized users can access the encrypted data.
  • 🔍 Testing the setup is important; admins should be able to interact with the field while other users should not see it.
  • ⚠️ Encrypting a field can impact existing processes, including workflows and business rules; planning is essential.
  • 💡 Best practices include using the Glide system method to verify user roles before executing actions on encrypted fields.

Q & A

  • What is column-level encryption in ServiceNow?

    - Column-level encryption is a server-side encryption feature for string-based fields such as strings, dates, URLs, and attachments. It ensures that only users with the necessary roles can access the encrypted field values.

  • What happens to users who do not have access to the encrypted fields?

    - Users without the necessary roles do not see the encrypted fields at all, effectively hiding these fields from them.

  • What is the purpose of the cryptographic module in the setup process?

    - The cryptographic module serves as the framework for the encryption process. It allows users to create and manage the encryption keys used to secure specific fields.

  • How do you create a new cryptographic module in ServiceNow?

    - To create a new cryptographic module, you access the field encryption module, create a new record with a name (using underscores instead of spaces), select the default template for the cryptography specification, and then save it.

  • What steps are involved in defining the key parameters?

    - You walk through a guided setup to define various parameters for the key, including its lifecycle and origin. For example, you can specify a duration for the key to be valid.

  • What is the role of access policies in column-level encryption?

    - Access policies assign roles to the cryptographic module. This means that only users with the designated roles can access the encryption keys associated with the module.

  • Can you encrypt multiple fields using different keys for different roles?

    - Yes, you can specify more than one module to encrypt a field with different keys, allowing different roles to have distinct access to the encrypted data.

  • What should be done to ensure proper user experience after encrypting a field?

    - It is advisable to remove the encrypted field from the list layout for users without access. This avoids confusion since they won’t have permission to view the field.

  • How do flows and business rules interact with encrypted fields?

    - Flows may fail to access encrypted fields if run as a system user. However, if the flow is run as the currently logged-in user with the necessary role, it can access the data. Similarly, business rules triggered by users with the necessary role will work as intended.

  • What additional resources are recommended for learning more about column-level encryption?

    - It is strongly recommended to take the detailed courses available on Now Learning, which provide more comprehensive information and guidance on implementing column-level encryption.
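
The role check recommended in the takeaways, and the flow and business rule behaviour described above, as an added example that is not from the video: a business-rule body for the 'pin' field of the 'cars' table that calls gs.hasRole() before touching the encrypted value. The role name, the four-digit pin format and the stand-in session and record objects are assumptions made so the logic runs outside an instance.

```javascript
// Hypothetical role assumed to be on the cryptographic module's access policy.
var PIN_ROLE = 'x_cars_pin_access';

// Business-rule body for the 'cars' table. In ServiceNow, `current` and `gs`
// are globals; they are parameters here so the logic can run offline.
function validatePin(current, gs) {
    // Sessions without the role cannot decrypt 'pin'; validating the value
    // they see would reject every record, so skip the check instead.
    if (!gs.hasRole(PIN_ROLE)) {
        gs.info('pin check skipped: session lacks ' + PIN_ROLE);
        return 'skipped';
    }
    var pin = current.getValue('pin');
    // Assumed format for this example: exactly four digits.
    if (!/^\d{4}$/.test(pin || '')) {
        current.setAbortAction(true); // block the write for an invalid pin
        return 'rejected';
    }
    return 'accepted';
}

// Constructed stand-ins for the platform objects (not ServiceNow code).
function makeSession(roles) {
    return {
        log: [],
        hasRole: function (r) { return roles.indexOf(r) !== -1; },
        info: function (msg) { this.log.push(msg); }
    };
}
function makeCar(pin, gs) {
    return {
        aborted: false,
        // Assumption: the value is unavailable to a session without the role.
        getValue: function (f) {
            return f === 'pin' && gs.hasRole(PIN_ROLE) ? pin : null;
        },
        setAbortAction: function (flag) { this.aborted = flag; }
    };
}

var admin = makeSession([PIN_ROLE]);
var systemUser = makeSession([]); // e.g. a flow running as the system user
console.log(validatePin(makeCar('4821', admin), admin));
console.log(validatePin(makeCar('48', admin), admin));
console.log(validatePin(makeCar('4821', systemUser), systemUser));
```

Without the guard, the third call would reach the format check with no readable value and abort a legitimate update, which is the kind of breakage the video warns about when encrypting a field that existing rules depend on.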
