The Zurich release has arrived! Interested in new features and functionalities? Click here for more

Everything about Access Analyzer

Community Alums
Not applicable
‎04-22-2024 05:00 AM

Bonjour Community,

 

ServiceNow Admins always struggle to untangle the web of user permissions in instance. So, SN product team took the ownership of this problem and introduced Access Analyzer utility in Vancouver release to shine a light on access control. This powerful tool empowers you to significantly improve your organization's security posture and achieve compliance goals.

 

What is Access Analyzer?

Imagine a crystal ball revealing exactly who (user, group, or role) can access what (tables, UI Pages, Client callable Script Include, REST Endpoints or specific records/fields) within your ServiceNow instance. That's the magic of Access Analyzer. It provides a granular view of permissions, enabling you to:

 

  1. Enhance compliance adherence
  2. Analyze access to resources (tables).
  3. Compare the access of 2 users.
  4. Compare the roles and groups of 2 users.
  5. Prevent from over provisioning permissions.
  6. Generate a report showing whether an identity has access to a resource (table).
  7. Achieve the least privilege principals when implementing access controls.
  8. Limit access to certain data, which includes applications, tables, rows or columns, and other resources.
  9. Provide reporting capabilities for the analyzer results.

 

UI to analyze Permissions in Access Analyzer

 

12.png

 

This is how results look like:

 

1212.png

 

 

ServiceNow has came up with following new features in Washington DC release

 

  1. Compare User Records - It is used to compare two user records, what roles they have and what groups they belong to or not
  2. Compare User Access - It is used to compare user's access control using the Access Analyzer.

 

12121.png121212.png

 

 

 

A Word on Time-Limited User Roles

It's important to consider the impact of temporary access assignments when evaluating user permissions. For instance, an ITIL user granted temporary admin access for a few days will show elevated permissions in Access Analyzer results. Understanding the context behind access is crucial for accurate analysis.

 

What I would like to see in future releases in Access Analyzer?

ServiceNow is constantly innovating, and we can expect further enhancements to Access Analyzer in future releases. Potential areas of development can include:

 

  1. Automated remediation: Imagine SN automatically suggest or even implement adjustments to access controls based on predefined security policies.
  2. Real-time monitoring: Continuously monitor permission changes and receive instant alerts for suspicious activity.

 

Finally here is a detailed demo on Access Analyzer in ServiceNow Washington DC release.

 
 

Cheers,

Hardit Singh

YouTube

LinkedIn

Labels:
  • 1,322 Views
3 Comments
Popular Blog Posts