The whole company is buzzing with the launch of our ServiceNow Washington D.C. release. There are various new solutions to increase customers’ productivity. It's not all GenAI and Automation though. The Platform Security team has introduced many exciting product and feature additions in Washington D.C release, all focused on our vision of making ServiceNow the most secure, compliant, and trusted platform by providing access to the right data, to the right people, for the right purpose, every time, and be able to prove it.
Platform Security Core
First, let's talk about what's new with our out-of-the-box security features to protect customer users and their data on the platform.
- Access Analyzer: Starting in Washington D.C. Access Analyzer is installed by default on instances. We've also added Access Comparison, a new tool that you can use to compare two user records and see how their attributes, roles, and groups differ or compare their access to a particular resource.
- Time-Limited Roles: Allows customers to grant access user access with a start and end time. This is a useful feature when you have a user who needs to perform a one-time action that is normally outside their roles.
- Adaptive Authentication Session Validation: Provides new protection against attacks with stolen session cookies. Admins can now create an adaptive authentication policy to enforce security checks when there is a change in the IP Address of an authorized session.
- Security Center Critical Updates and Security Hardening Tool: Security Center has added a critical update tool to view timelines for when their critical updates are due and prioritize them properly. Security Center also has new Hardening Settings and displays step-by-step guidance on how to remediate gaps.
- OAuth Client Credentials Grant: The administrators can use the client credential (CC) grant type to enable integration from a third-party OAuth client to the ServiceNow platform. This is useful for system-to-system integration use cases.
- Triple DES Deprecation: Per NIST guidelines, 3DES is officially being retired and will be allowed for encryption until December 2023 and decryption for legacy use. Customers now have configurable ways to deprecate usage of 3DES from Legacy Password2 fields.
Platform Security Premium Add-Ons
We have added more value to our ServiceNow Vault line of security enhancement products to protect customer sensitive data on the platform and maintain its privacy.
- Column Level Encryption MAP Visualization: Key Management Framework admins can use the new module access policy UI page view to quickly determine who has access to encrypted information on their instance.
- Data Privacy: Data Discovery now supports keyword proximity in addition to a regular expression so customers can have more confidence in the discovery findings. For example, a customer can more easily distinguish between a hire date vs a birth date. Data Discovery also introduced an API for real-time detection of sensitive data. Data Anonymization has added support for partial anonymization so you can remove sensitive information from a field without removing all the valuable context around it.
- Zero Trust Access: Reduced session access based on network, geolocation, and user risk is now available on mobile.
In summary, this release marks another milestone in our ongoing efforts to deliver robust and innovative platform security products, empowering our users with enhanced capabilities and improved performance for their diverse needs. We will continue to work hard to bring more advanced capabilities to our upcoming releases.
