Mask CI info coming from secure datacenter at mid server before it gets entered to CMDB
09-17-2024 05:54 AM
Hello All,
We are doing ITOM discovery and part of it is to do discovery of a secure data center.
The regulations ask us to mask the important details of CIs coming into ServiceNow, such as MAC, serial, IP, and host name.
Is there a way to mask such details at the MID server level so that the data gets anonymised? If yes, then how do we do it?
We are deploying a dedicated mid server for this secured network.
09-17-2024 07:10 PM
@Servicenow lear, a couple of questions:
Is there a reason why we want to store the masked data inside ServiceNow PROD?
If the data gets masked then how do you plan to use it in ServiceNow?
I recommend not to store the data in ServiceNow unless there is a valid use case to utilize the data.
With that said, to answer your question, I can think of a couple of options:
Option 1: If you are using custom probes/patterns to discover the resources, then add extra code/step as part of that probe/pattern to mask the sensitive data before it is written to the ECC queue. If you are using OOTB probe/patterns, then avoid customizing them.
Option 2: If you don't want to make any changes in probes/patterns then, run a before insert/update BR on the table "ecc_queue". In this BR, add the logic to parse the payload body to identify sensitive attributes and mask them.
For now I can think of only these two options. But will let you know if I come up with anything else.
PS: Please hit "Correct", "Helpful" or "Like" depending on the impact of the response.
Regards,
Kamal S
09-18-2024 07:38 AM
Thank you for the response.
Use case: we are making ServiceNow the single source of truth for all inventory.
Incident management even for the secure domain.
With options 1 and 2, would these changes have an impact on all classes and all MID servers, or just be specific to this MID server deployed in the secure network?
09-19-2024 02:33 AM
"we are making ServiceNow as single source of truth for all inventory.
Incident management even for secure domain."
- Having/storing the data is one thing but utilizing the data is totally a different thing. What I couldn't understand is that if the data is in masked state always then how or where it'll be used. But anyways, I leave that to you.
"with option 1 and 2 would these changes have impact for all classes and all mid server or just specific to this mid server deployed in secure network ?"
- Once you implement one of these options, it'll be applied for all MID servers. The classes impacted depend on the probe/pattern which you are updating.
PS: Hit "Correct", "Helpful" or "Like" depending on the impact of the response.
Regards,
Kamal S
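The masking step that Option 2 describes, as an added example (not code from this thread or from ServiceNow): plain Node.js showing only the parse-and-mask logic, not a business rule. The payload element names, the MID server name, the key, and the use of an `agent` value to tell records from the secure MID server apart are all assumptions made for the illustration.

```javascript
// Added example: masking logic only, written for Node.js (not platform code).
const crypto = require('crypto');

// Assumption: constructed element names; map them to what your probes emit.
const SENSITIVE = ['mac_address', 'serial_number', 'ip_address', 'name'];
// Hypothetical name of the dedicated MID server in the secure network.
const SECURE_AGENT = 'mid.server.SECURE_DC_MID';

// Keyed, deterministic pseudonym: the same input always yields the same token,
// so a masked CI still resolves to one record, but the token cannot be
// reversed or brute-forced from a list of known values without the key.
function pseudonym(field, value, key) {
  const norm = value.trim().toLowerCase();
  const tag = crypto.createHmac('sha256', key)
    .update(field + '\0' + norm).digest('hex');
  return field.split('_')[0] + '-' + tag.slice(0, 16);
}

// Replace the text of every sensitive element; leave all other elements alone.
function maskPayload(xml, key) {
  const re = new RegExp('<(' + SENSITIVE.join('|') + ')>([^<]*)</\\1>', 'g');
  return xml.replace(re, (whole, field, value) =>
    value.trim() === ''
      ? whole
      : '<' + field + '>' + pseudonym(field, value, key) + '</' + field + '>');
}

// Mask only records that came from the secure MID server (assumed `agent` value).
function maskRecord(record, key) {
  if (record.agent !== SECURE_AGENT) return record;
  return Object.assign({}, record, { payload: maskPayload(record.payload, key) });
}

// Constructed sample data, not real discovery output.
const KEY = 'demo-key-load-from-a-secret-store';
const SAMPLE =
  '<result><name>DB01.secure.example</name><ip_address>10.0.0.5</ip_address>' +
  '<mac_address>00:1A:2B:3C:4D:5E</mac_address>' +
  '<serial_number>SN12345</serial_number><os>Linux</os></result>';

const secure = maskRecord({ agent: SECURE_AGENT, payload: SAMPLE }, KEY);
const other = maskRecord({ agent: 'mid.server.OFFICE_MID', payload: SAMPLE }, KEY);
console.log(secure.payload);
```

Because the token is keyed and deterministic, the same device maps to the same masked value on every discovery run; the key has to be stored away from the masked data.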
09-25-2024 08:38 AM
Thanks for the response.
I had another question: let's say we allow data to come in from the MID server into ServiceNow through the ECC queue and we do data masking after it. Is the data encrypted while flowing through the ECC queue, and is any trace removed once the data is masked through the script?