Forced encryption on attachments

Kim Sullivan · ‎07-27-2023

Since upgrade to Utah, all our attachments are being encrypted. In Tokyo and before there was a checkbox here to choose to encrypt. That is now gone and none is not the default option.

ServiceNow support says this is OOB, but I can't believe this was intended.

#encryption

#crypto

#attachments

Kim Sullivan · ‎07-27-2023

HI told me to post on community and this was an OOB setting. I spent another 3 hours on it and figured this out --

update the optional_attachment_encrypt UI macro.

OOB config:

Updated:

You also need to comment out these lines:

View solution in original post

Alex Upmann1 · ‎01-01-2024

I have this same issue on my instance but when I follow the link to the knowledge article, I get a message saying my role doesn't grant me access to the article. Now I can take that up with SN and my SN account manager but can you list the pertinent points from the article?

Trish Mac · ‎10-31-2024

Hi @Kim Sullivan , I'm on Xanadu in DEV and TEST. Xanadu is the FIRST time we've seen the Encrypt Attachments pop up and we were on Tokyo, then Vancouver and hadn't had this come up. I tried your code change in the optional_attachment_encrypt UI macro and this didn't work for me.

My code looks like this:

Thanks,

Trish

Todd Preece · ‎08-02-2023

Took me some time to investigate this but at least in the context of Column Level Encryption (CLE), the option to encrypt or not is controlled by a system property 'com.glide.encryption.enable_attachment_key_ui'. True=Give the option, False=Encrypt by default. I tested this out on a Utah instance and seems to toggle the choice as expected.

Kim Sullivan · ‎08-04-2023

@Todd Preece

Hey Todd - thanks for looking into it. I already have this property set to true.

Jeff Boltz1 · ‎10-18-2023

Has anyone had a case where attachments do not encrypt if the property com.glide.encryption.enable_attachment_key_ui'. is set to false?