Securing the Service Account users in Servicenow
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-29-2024 03:35 AM
Hello friends,
We are filtering some of our records/CIs using the Query Before Rules. However, there are few Service Accounts which need to bypass this Query before Business Rule execution. This is implemented using the filter/condition in Business rules to exclude the execution for certain users - condition is gs.getUserDisplayName() is not 'ABC'. However, anyone with admin access can maliciously tamper the user record to have display name as ABC.
What is the most efficient way to achieve this behavior? My friend suggested to use the system properties to hold the sys_ids of the users but anyone with ADMIN access can tamper/update this system property.. @GunjanK
Thanks in advance,
R
- Labels:
-
Platform and Cloud Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-29-2024 03:46 AM
Hi,
Admins will always be able to work around processes, it's why it's such a highly privileged role. If a customer is concerned about this, they need to review who has admin access in production and regulate it tightly.
Assuming these service accounts are only using APIs, consider using the gs.isInteractive() function to check whether the transaction is a user (via a webpage) or an API call.
