What is the basic difference between edge level and column level encryption. What is the most specific to work with for data encryption.

Go to solution
Abhi95
Mega Expert

‎03-06-2019 07:00 PM

What is the basic difference between edge level and column level encryption. What is the most specific to work with for data encryption.

0 Helpfuls
  • 2,759 Views
1 ACCEPTED SOLUTION

Go to solution
Jeff Currier
ServiceNow Employee
ServiceNow Employee

‎03-07-2019 05:15 AM

The best descriptions are on the ServiceNow Trust site,  For edge encryption and column level encryption.

Here is the current text.

Column level

We simplify data security at the application level by giving you the option to perform column‑level encryption on fields and attachments. This feature is available to all our cloud services as well as custom‑built applications developed on the Now Platform.

We support AES‑128, AES‑256, and 3DES encryption algorithms, and apply your choice to encrypt data. To mitigate the possible compromise of encrypted customer data, we re‑encrypt (wrap) your keys with a secondary key. In some cases, data stored in fields and attachments that is encrypted cannot be searched for or reported on.

 

Edge Encryption

The ServiceNow Edge Encryption application provides you with advanced data protection capabilities. It lets you perform data encryption using encryption keys that are stored and managed on premises. All encryption takes place inside your network through a proxy application that functions like a Cloud Access Security Broker (CASB).

With Edge Encryption, unencrypted target data is never stored in your ServiceNow instance. Edge encryption also provides you with the capability for automatic key rotation. It supports tokenization and substitution of data, such as credit card or social security numbers, to match standard data structures.

 

The trust has other options listed too

 

View solution in original post

6 REPLIES 6

Go to solution
Jeff Currier
ServiceNow Employee
ServiceNow Employee
In response to Abhi95

‎03-11-2019 08:27 AM

I could not find a specific example of this, but I found some relevant information based on edge encryption, which may point you in the right direction.

Reference fields are not supported by Edge Encryption because the sysid that is being used to make the link between your form and the actual field needs to be in the clear.

The solution is to use a secondary field, encrypt it, and hide the reference from the form. The actual source field must be a string type and will need to be configured to be encrypted with one of the three available encryption types.

0 Helpfuls

Go to solution
Abhi95
Mega Expert
In response to Jeff Currier

‎03-13-2019 12:10 AM

Thanks Jeff, That is the way i am using.

0 Helpfuls