Does anyone know of a way to reverse encryption on attachments?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-20-2015 12:59 PM
I am looking for a way to remove encryption context from a large number of attachments in relation to a specific table.
Is there a way to do this? I see scripts in the WIKI that show how to encrypt en mass but nothing for removing encryption.
Thanks in advance.
https://youtube.com/watch?v=zYi8KhP9SUk
- Labels:
-
Scripting and Coding
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-23-2015 07:24 AM
We encrypt attachments in the HR Module within ServiceNow.
Security has mandated that the encryption keys NOT be stored on the cloud.
To facilitate this, we are changing the form of encryption to another type that allows us to hold the encryption keys on premises.
If I can't find a solution on this we will probably be working directly with SNOW to find one as out next encryption solution will be Edge Encryption in Geneva.
We are early adopters.
Hope that helps.
Thanks.
https://youtube.com/watch?v=zYi8KhP9SUk
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-25-2015 07:43 PM
I really don't understand this requirement.
If ServiceNow was compromised, all attachments could still be downloaded regardless of where the encryption key is stored (although it would take a lot longer to do so).
Am I missing something or is this just an old security requirement that was mandated prior to going cloud?
ServiceNow Nerd
ServiceNow Developer MVP 2020-2022
ServiceNow Community MVP 2019-2022
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-25-2015 11:17 PM
This is a security requirement that is mandated BECAUSE we are in the cloud.
The clients security team does not trust the organization's reputation to the security of the cloud.
Whether it makes sense or not isn't for me to judge. I get paid to implement the solution.
ServiceNow has created EDGE encryption specifically to remove the key from the cloud which as you stated definitely makes it harder to hack, but as you also stated, nothing is impossible. The right people with the right know how can get whatever data they want.
That said, the requirement is really quite simple. We want to remove the current encryption so that we can move to a new solution.
It isn't rocket science. Though nobody seems to have a solution so maybe it is. Who knows...
https://youtube.com/watch?v=zYi8KhP9SUk
