What is the basic difference between edge level and column level encryption. What is the most specific to work with for data encryption.

Abhi95 · ‎03-06-2019

Jeff Currier · ‎03-07-2019

The best descriptions are on the ServiceNow Trust site, For edge encryption and column level encryption.

Here is the current text.

Column level

We simplify data security at the application level by giving you the option to perform column‑level encryption on fields and attachments. This feature is available to all our cloud services as well as custom‑built applications developed on the Now Platform.

We support AES‑128, AES‑256, and 3DES encryption algorithms, and apply your choice to encrypt data. To mitigate the possible compromise of encrypted customer data, we re‑encrypt (wrap) your keys with a secondary key. In some cases, data stored in fields and attachments that is encrypted cannot be searched for or reported on.

Edge Encryption

The ServiceNow Edge Encryption application provides you with advanced data protection capabilities. It lets you perform data encryption using encryption keys that are stored and managed on premises. All encryption takes place inside your network through a proxy application that functions like a Cloud Access Security Broker (CASB).

With Edge Encryption, unencrypted target data is never stored in your ServiceNow instance. Edge encryption also provides you with the capability for automatic key rotation. It supports tokenization and substitution of data, such as credit card or social security numbers, to match standard data structures.

The trust has other options listed too

View solution in original post

Jeff Currier · ‎03-07-2019

The best descriptions are on the ServiceNow Trust site, For edge encryption and column level encryption.

Here is the current text.

Column level

We simplify data security at the application level by giving you the option to perform column‑level encryption on fields and attachments. This feature is available to all our cloud services as well as custom‑built applications developed on the Now Platform.

We support AES‑128, AES‑256, and 3DES encryption algorithms, and apply your choice to encrypt data. To mitigate the possible compromise of encrypted customer data, we re‑encrypt (wrap) your keys with a secondary key. In some cases, data stored in fields and attachments that is encrypted cannot be searched for or reported on.

Edge Encryption

The ServiceNow Edge Encryption application provides you with advanced data protection capabilities. It lets you perform data encryption using encryption keys that are stored and managed on premises. All encryption takes place inside your network through a proxy application that functions like a Cloud Access Security Broker (CASB).

With Edge Encryption, unencrypted target data is never stored in your ServiceNow instance. Edge encryption also provides you with the capability for automatic key rotation. It supports tokenization and substitution of data, such as credit card or social security numbers, to match standard data structures.

The trust has other options listed too

Abhi95 · ‎03-07-2019

Thanks Jeff, for your valuable inputs.

As per my understanding during the search of column level encryption got to know that only string fields and attachments can be encrypted, so is there anyway we can encrypt reference and dropdown fields with hep of column level encryption ?

Jeff Currier · ‎03-10-2019

I have not seen this. I think it would be highly unusual to encrypt fields used in a dropdown list as these would only be exposed to users of that form (with access to that form) and thus would be visible to those users anyway. Would you just be better off restricting access to the form or controlling the list based on role/group? What would be you goal in encrypting these fields?

Abhi95 · ‎03-10-2019

I am looking to encrypt a reference field on the form. is it possible with column level encryption ?