what are the pros and cons of using external credential storage cyberark with servicenow?

Neha Maurya
Tera Contributor

what are the pros and cons of using external credential storage cyberark with servicenow?

2 REPLIES 2

Community Alums
Not applicable

Hi @Neha Maurya ,

By using external credential storage you would then have a vault rather than credentials and ServiceNow would be generating session-specific access rights and kill them once the transaction is over. Yes it is more expensive and a project in itself to setup but if you are really serious about the security perhaps when implementing ITOM is a better opportunity than ever to expand upon additional solutions.

 

Now, When a credential is stored in ServiceNow it is of course encrypted. For you cryptography geeks the encryption itself is 3DES and are decrypted on the instance with a password2 key. The password2 fields are encryption fields using 3DES (192/168), which further encrypt the 3DES key using AES with a 256 bit key size, where the key is stored in the safenet devices (a separate key storage appliance and retrieved by the instance). Credentials can only be added by administrators and once they are entered – they cannot be viewed.

 

Learn more : External credential storage 

CyberArk credential storage integration 

 

Hi Sandeep,

 

Using the external credential storage will lead to delays in the discovery? And where there are more than 60 local domains globally and each has a different account.