Impersonation
02-17-2025 09:38 AM
Do you think impersonation is a security issue? If yes, give me reasons. If not, support it.
02-17-2025 06:36 PM
Hi @sunny091213
In ServiceNow, "impersonation" can be considered a potential security issue because it allows administrators to temporarily log in as another user, which could lead to unauthorized access to sensitive data if not properly managed and monitored, potentially enabling them to bypass access controls and view information they wouldn't normally have access to.
Key points about impersonation in ServiceNow:
- Functionality: Impersonation is a feature that allows administrators to temporarily assume the identity of another user within the system, which is useful for troubleshooting and testing user experiences.
- Potential Risk: While intended for legitimate use, if not properly controlled, it could enable malicious actors to access sensitive data by impersonating other users with higher permissions.
- Mitigating factors:
  - Access control: Restricting who can use the impersonation feature and ensuring only authorized administrators have access.
  - Logging and auditing: Actively monitoring and logging all impersonation activities to identify suspicious behavior.
  - Application-specific restrictions: Implementing security settings within specific applications to limit what data can be accessed while impersonating a user.
If my response helps you, mark it helpful and accept the solution.
02-18-2025 01:19 AM
Nice info.
But logging and auditing -> to access the logs of an organization you should have the admin role.
Consider this situation: if an organization has two admins, and one impersonated the other admin and changed his password, and he forgets his password, then what happens? There is no proof or logs that prove that person changed the password and that he is the cause of that situation, so how do you solve that kind of situation?
02-17-2025 06:59 PM
I agree with Atul here.
It should be given only in DEV and UAT, for testing purposes only.
If my response helped please mark it correct and close the thread so that it benefits future readers.
Ankur
✨ Certified Technical Architect || ✨ 9x ServiceNow MVP || ✨ ServiceNow Community Leader
02-18-2025 01:20 AM
Consider this situation: if an organization has two admins, and one impersonated the other admin and changed his password, and he forgets his password, then what happens? There is no proof or logs that prove that person changed the password and that he is the cause of that situation, so how do you solve that kind of situation?
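
An added example, not part of the thread and not ServiceNow code: the "Logging and auditing" mitigation applied to the two-admin scenario above, attributing a sensitive change recorded under one user's name to whoever was impersonating that user at the time. All records, field names and user names are constructed, and the sketch assumes impersonation start/end events and field-change audit entries are exported to a store the impersonating admin cannot edit.

```python
from datetime import datetime

# Constructed sample data; field names are hypothetical, not a ServiceNow schema.
IMPERSONATION_EVENTS = [
    {"time": "2025-02-18 01:05:00", "type": "start", "actor": "admin_a", "target": "admin_b"},
    {"time": "2025-02-18 01:12:00", "type": "end", "actor": "admin_a", "target": "admin_b"},
    {"time": "2025-02-18 02:00:00", "type": "start", "actor": "admin_b", "target": "itil_user"},
]
AUDIT_ENTRIES = [
    {"time": "2025-02-18 01:08:30", "user": "admin_b", "field": "password", "record": "admin_b"},
    {"time": "2025-02-18 01:30:00", "user": "admin_b", "field": "password", "record": "admin_b"},
    {"time": "2025-02-18 02:10:00", "user": "itil_user", "field": "state", "record": "INC0001"},
]
SENSITIVE_FIELDS = {"password", "roles"}

def ts(s):
    return datetime.strptime(s, "%Y-%m-%d %H:%M:%S")

def build_sessions(events):
    """Pair start/end events into (actor, target, start, end); end is None if never closed."""
    open_, sessions = {}, []
    for ev in sorted(events, key=lambda e: ts(e["time"])):
        key = (ev["actor"], ev["target"])
        if ev["type"] == "start":
            open_[key] = ts(ev["time"])
        elif key in open_:
            sessions.append((*key, open_.pop(key), ts(ev["time"])))
    # A session with no end event is treated as still active.
    sessions += [(*key, start, None) for key, start in open_.items()]
    return sessions

def attribute(audit_entries, sessions):
    """Return sensitive changes made under an impersonated identity, with candidate real actors."""
    findings = []
    for entry in audit_entries:
        when = ts(entry["time"])
        actors = sorted({a for a, tgt, start, end in sessions
                         if tgt == entry["user"] and start <= when
                         and (end is None or when <= end)})
        if actors and entry["field"] in SENSITIVE_FIELDS:
            findings.append({"time": entry["time"], "recorded_user": entry["user"],
                             "real_actors": actors, "field": entry["field"],
                             "record": entry["record"]})
    return findings

if __name__ == "__main__":
    for finding in attribute(AUDIT_ENTRIES, build_sessions(IMPERSONATION_EVENTS)):
        print(finding)
```

Only the 01:08:30 password change is flagged: it is recorded as `admin_b` but falls inside `admin_a`'s impersonation session, while the 01:30:00 change happened after that session ended.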