New Access Control Features

pratikbhatt
ServiceNow Employee
ServiceNow Employee

‎03-13-2025 03:50 PM - edited ‎03-21-2025 11:38 AM

Overview

With the Xanadu and Yokohama releases, we’ve introduced new access control features designed to help you enhance the security of your data.

 

New Access Control Features:

  1. Security Data Filters

    • An alternative to Before Query Business Rules, Security Data Filters apply safeguards directly to database queries.

  2. Deny-Unless ACLs

    • Automatically deny access to data unless specific conditions are met.

  3. Query ACLs

    • Restrict querying or sorting of columns, even when users have permission to read certain records.

These features are to enhance security while providing flexibility for administrators and developers.

 

Customer Considerations

Enhanced Security Posture

  • Starting with the Yokohama release, ServiceNow has released new security controls for certain products. We expect to continue rolling out these controls in the Zurich release.

Granular Adoption

  • Each product team has carefully selected which access control enhancements best complement their existing configurations, ensuring seamless integration and improved protection out of box. Each product will have details covered as a part of their release notes and documentation updates.

Smooth Upgrades

  • Some new controls are deactivated by default for customers transitioning from pre-Yokohama releases. This approach allows you to gradually adopt these new features without disrupting your existing workflows.

Getting Started

Discover Inactive Security Controls

  • You can easily identify and activate new security controls in ServiceNow Security Center using the Security Controls Activation Suite.

Quick Navigation

  • To review inactive controls, go to:
    <instance>/scan_finding_list.do?sysparm_query=check%3D5d7853c37ff012100e0450546c866593%5Eresult.scan_type!%3Dtest_scan&sysparm_view=

ServiceNow recommends enabling these controls after thorough testing in a sub-production environment to ensure compatibility with your configurations.

 

What You Can Do Today

Here’s how you can make the most of these new features:

  1. Review Inactive Controls

    • Explore the controls that are deactivated by default and determine which ones can be activated in alignment with your business needs.

  2. Adopt New Access Control Features

    • Implement Data Filters, Deny-Unless ACLs, and Query ACLs to strengthen your instance's security while simplifying maintenance.

  3. Test and Iterate

    • Use a sub-production environment to test these features before enabling them in production.

Learn More

For detailed guidance and tips on leveraging these features, check out our official release notes and product documentation.

  • 2,449 Views
Version history
Last update:
‎03-21-2025 11:38 AM
Updated by:
ServiceNow Employee
Contributors