Encryption at rest and transit for ServiceNow

davidrojas25
Kilo Contributor

‎12-19-2016 10:54 AM

How does encryption work within SN. Is data encrypted at rest if so how and how about in transit?

0 Helpfuls
  • 14,211 Views
6 REPLIES 6

mikeadler
ServiceNow Employee
ServiceNow Employee
In response to r_t_bryan

‎11-09-2017 11:42 AM

Hi Robert,



I appreciate your feedback!



For data to be encrypted at rest Out-Of-The-Box (OOTB) without any additional configuration required, an add-on ServiceNow product and extra cost, Full-Disk Encryption (FDE) would be needed. I refer to "data at rest" in this case as the state the data being dormant and unused in real time. With FDE, the encrypted data is actually unencrypted when being used by a process (i.e. application) running on the instance or transmitted between the instance and an enterprise customer. In this case, the data in motion (i.e. in transit) would be encrypted at the transport layer of TLS 1.2, but not at the database layer.



The other native ServiceNow encryption options as discussed earlier, Edge Encryption and Column-level encryption, do require some degree of configuration, OOTB, depending on the scope of an enterprise's encryption requirements.



Could you please kindly let me know if this response helps to answer your question and mark as helpful it does?



Thanks,



Mike