- Post History
- Subscribe to RSS Feed
- Mark as New
- Mark as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
03-13-2025 03:50 PM - edited 03-21-2025 11:38 AM
Overview
With the Xanadu and Yokohama releases, we’ve introduced new access control features designed to help you enhance the security of your data.
New Access Control Features:
- Security Data Filters
-
An alternative to Before Query Business Rules, Security Data Filters apply safeguards directly to database queries.
-
Deny-Unless ACLs
-
Automatically deny access to data unless specific conditions are met.
-
Query ACLs
-
Restrict querying or sorting of columns, even when users have permission to read certain records.
These features are to enhance security while providing flexibility for administrators and developers.
Customer Considerations
Enhanced Security Posture
- Starting with the Yokohama release, ServiceNow has released new security controls for certain products. We expect to continue rolling out these controls in the Zurich release.
Granular Adoption
- Each product team has carefully selected which access control enhancements best complement their existing configurations, ensuring seamless integration and improved protection out of box. Each product will have details covered as a part of their release notes and documentation updates.
Smooth Upgrades
- Some new controls are deactivated by default for customers transitioning from pre-Yokohama releases. This approach allows you to gradually adopt these new features without disrupting your existing workflows.
Getting Started
Discover Inactive Security Controls
- You can easily identify and activate new security controls in ServiceNow Security Center using the Security Controls Activation Suite.
Quick Navigation
- To review inactive controls, go to:
<instance>/scan_finding_list.do?sysparm_query=check%3D5d7853c37ff012100e0450546c866593%5Eresult.scan_type!%3Dtest_scan&sysparm_view=
ServiceNow recommends enabling these controls after thorough testing in a sub-production environment to ensure compatibility with your configurations.
What You Can Do Today
Here’s how you can make the most of these new features:
-
Review Inactive Controls
-
Explore the controls that are deactivated by default and determine which ones can be activated in alignment with your business needs.
-
Adopt New Access Control Features
-
Implement Data Filters, Deny-Unless ACLs, and Query ACLs to strengthen your instance's security while simplifying maintenance.
-
Test and Iterate
-
Use a sub-production environment to test these features before enabling them in production.
Learn More
For detailed guidance and tips on leveraging these features, check out our official release notes and product documentation.
- 2,194 Views