Attachments Encryption at rest

pravinsale
Kilo Contributor

Hi, how do you achieve encryption at rest for attachments used in HR Case Management Application? What are the pros and cons of it if we have to do it.

1 ACCEPTED SOLUTION

tim210
ServiceNow Employee
ServiceNow Employee

The Encryption Contexts feature is probably what you want:


Encryption support



I've seen customers using it with a simple 'Encrypt Attachment' checkbox on the attachment upload dialog. You could also probably customise it to always encrypt attachments.



The main downside is that the 'contexts' that allow particular users to decrypt the attachments and view the contents are specific to the instance. So you can't send the attachments out from the instance in emails (technically you can, but they'd be encrypted and so unreadable to third parties). However there are customisations that might allow you to do this if it's something you need:


https://community.servicenow.com/thread/162811


https://share.servicenow.com/app.do#/detailV2/f2d4d6e0877759008bf84b0b0e434d9a/overview


View solution in original post

5 REPLIES 5

tim210
ServiceNow Employee
ServiceNow Employee

The Encryption Contexts feature is probably what you want:


Encryption support



I've seen customers using it with a simple 'Encrypt Attachment' checkbox on the attachment upload dialog. You could also probably customise it to always encrypt attachments.



The main downside is that the 'contexts' that allow particular users to decrypt the attachments and view the contents are specific to the instance. So you can't send the attachments out from the instance in emails (technically you can, but they'd be encrypted and so unreadable to third parties). However there are customisations that might allow you to do this if it's something you need:


https://community.servicenow.com/thread/162811


https://share.servicenow.com/app.do#/detailV2/f2d4d6e0877759008bf84b0b0e434d9a/overview


pravinsale
Kilo Contributor

Thanks Tim. That's really helpful.


roshanrao
Kilo Expert

Pravin,


I am working on a similar requirement. The issue that you have is that Encryption Contexts only seems to work when documents are being uploaded from the UI. Documents sent in through emails that get attached to cases will not get encrypted.



I am pointing out this gap. I am investigating other options, i.e., Edge Encryption.



- R