- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎05-13-2020 06:32 AM
Hi All
We have been asked to do encryption for our instance and we have been comparing database encryption vs edge encryption to see which one suits us better
Database Encryption versus Edge Encryption ===================================================================================== Database Encryption is complementary to application tier encryption but does not replace it in some cases. Cmmon use cases addressed by application level encryption but not Database Encryption include: Data must be protected at the application layer Data must accessible in the clear to only certain groups of users Customer must own encryption keys (Edge Encryption only) ServiceNow cannot have access to data in the clear (Edge Encryption only) Encrypted data should not be in the clear outside of the customer’s environment (Edge Encryption only) Database Encryption also covers certain use cases that application-level encryption does not: Protection of data types that cannot be encrypted via Edge Encryption or column-level encryption Encryption with no impact to functionality Encryption of all data-at-rest Database Encryption can be used in conjunction with Edge Encryption and/or column-level encryption to apply a layered security approach. Database encryption protects all data at rest and Edge Encryption or column-level encryption provides higher security protections to sensitive fields such as PII and PHI.
Now I got the above info from a product documentation . I am trying to analyze the pros and cons of using edge encryption over database encryption for a simple ITSM system . Can someone please explain the major pros and cons of these two approaches in layman's term please . thanks a lot
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎05-14-2020 07:43 AM
Edge Encryption, if that's your concern.
There really isn't much else to say that someone else hasn't already said here, so I think you've done a good job evaluating everything, but if you're ultimately wanting the data to be secure on YOUR end with SN NOT having access, then Edge Encryption is it.
Ultimately, you'd want to discuss this with your company. I'm unsure of your position, but your profile says Dev. So, really, the platform owner + compliance + security team would be the ones to have the ultimate say. Then the company over top of that as there is a price model associated...so that may or may not change the approach.
Please get your SN Account Executive to discuss pricing of Edge and Database, then run it through the appropriate channels and they can make the final call.
Please mark reply as Helpful/Correct, if applicable. Thanks!
Please consider marking my reply as Helpful and/or Accept Solution, if applicable. Thanks!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎05-14-2020 07:43 AM
Edge Encryption, if that's your concern.
There really isn't much else to say that someone else hasn't already said here, so I think you've done a good job evaluating everything, but if you're ultimately wanting the data to be secure on YOUR end with SN NOT having access, then Edge Encryption is it.
Ultimately, you'd want to discuss this with your company. I'm unsure of your position, but your profile says Dev. So, really, the platform owner + compliance + security team would be the ones to have the ultimate say. Then the company over top of that as there is a price model associated...so that may or may not change the approach.
Please get your SN Account Executive to discuss pricing of Edge and Database, then run it through the appropriate channels and they can make the final call.
Please mark reply as Helpful/Correct, if applicable. Thanks!
Please consider marking my reply as Helpful and/or Accept Solution, if applicable. Thanks!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎05-14-2020 08:20 AM
thanks Allen and others for replying .
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎05-14-2020 07:50 AM
What you need to ask yourself is do you trust ServiceNow enough to not do those kinds of things? You can also talk with your tech or sales rep to understand what they have access to on the backend and if they would be able to do a select direct from the DB.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎11-19-2020 09:11 AM
Hi, ServiceNow Experts,
I am new to SNOW.
1) If we use an edge encryption, do we still need a DB encryption? Or can we use both of an edge encryption and a DB encryption? What is the norm in SNOW?
2) If we use an edge encryption, do we need an attachment encryption? (My opinion is no.)
Thank you for the advice.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎11-19-2020 01:46 PM
Hi,
If you don't mind, please create a question on the forums so that we can focus that conversation to your needs, there.
Feel free to @ me there
Thanks!
Please consider marking my reply as Helpful and/or Accept Solution, if applicable. Thanks!
