Password Storage/Management in ServiceNow

julieburke
Kilo Explorer

‎07-02-2015 05:19 AM

Hi. I'm looking for a solution to store passwords for systems and services within our platform. This is for a secure password repository and not related to password reset type solutions.

We use a shared servicenow instance across the whole of the the company, and we are not Admins of servicenow, only in ITIL   and developers roles.

Is there a way to use ServiceNow to act as a password repository, but protect the information from general access, including the admins?

It would be great to hear if anyone else has done this.

Thanks

Julie

0 Helpfuls
  • 6,817 Views
2 REPLIES 2

brian_quinn
ServiceNow Employee
ServiceNow Employee

‎07-08-2015 07:26 AM

Julie,



You may want to look into the Encryption Support plugin.   This allows you to encrypt specific fields, and only allow particular roles the ablility to decrypt the fields.


http://wiki.servicenow.com/index.php?title=Encryption_Support#gsc.tab=0



On the surface, if admin uses do not have the role they would not be able to view the field.   However there is nothing that prevents them from granting the role to themselves.   You could add business rules or ACL's to prevent them from doing so, but in the end those controls could be disabled by an admin if they really wanted to.



Thanks


Brian


0 Helpfuls

Phil32
Tera Expert
In response to brian_quinn

‎06-07-2017 06:07 AM

Encryption looks like you would have to create your own table or add a field to an existing table to store this data.



Since 2015 or with the security modules, has ServiceNow added a module for viewable password storage?   I'm looking for a password vault like Keypass or LastPass.


0 Helpfuls