3DES Deprecation

Go to solution
AbishekV
Tera Contributor

‎05-13-2024 02:37 AM

Hi all,

 

Can someone explain what is partial and complete deprecation and what are legacy fields? Also what are the outcomes if I opt out off 3DES deprecation and how do I prevent it?

0 Helpfuls
  • 3,311 Views
1 ACCEPTED SOLUTION

Go to solution
Mahathi
Mega Sage
Mega Sage

‎05-15-2024 03:09 AM

Hi @AbishekV ,

Please see if the following information is useful: 

Partial Deprecation: In ServiceNow, partial deprecation typically involves marking certain features, methods, or functionalities as deprecated in the platform's documentation or through warning messages in the development environment. This means that while the feature is still available for use, it's no longer recommended because it may be removed or replaced in future releases. Developers are encouraged to transition to alternative approaches or features.

Complete Deprecation: When a feature or functionality is completely deprecated in ServiceNow, it means that it has been removed from the platform entirely. Any code or configurations relying on the deprecated feature will no longer work and must be updated to use supported alternatives. ServiceNow typically provides advance notice and guidance on deprecated features to help users migrate to newer solutions.

Legacy Fields: Legacy fields in ServiceNow refer to fields within tables or records that are outdated or no longer actively used but are retained for backward compatibility or historical reasons. These fields may have been replaced by newer fields or functionalities but are kept to support existing data or integrations. Legacy fields can clutter the user interface and may impact performance, so it's often recommended to clean them up when possible.

Outcomes of Opting Out of 3DES Deprecation in ServiceNow:

Opting out of 3DES deprecation in ServiceNow could have several consequences:

  1. Security Risks: Continuing to use 3DES encryption poses security risks as it is considered less secure compared to modern encryption algorithms like AES. This could potentially lead to data breaches or unauthorized access to sensitive information.

  2. Non-compliance: Depending on your organization's industry or regulatory requirements, using deprecated encryption standards like 3DES may lead to non-compliance with data security standards such as GDPR or PCI DSS. This could result in legal consequences or financial penalties.

Preventing 3DES Deprecation in ServiceNow:

To prevent the adverse outcomes associated with 3DES deprecation in ServiceNow, you can take the following steps:

  1. Upgrade Encryption Algorithms: Transition to more secure encryption algorithms supported by ServiceNow, such as AES.

  2. Review Configuration and Code: Identify any instances where 3DES encryption is being used within ServiceNow configurations, scripts, or integrations, and update them to use supported encryption methods.

  3. Stay Informed: Keep track of ServiceNow's release notes and announcements to stay informed about upcoming changes, including deprecations related to encryption standards.

  4. Testing: Thoroughly test your ServiceNow instances after making any changes related to encryption to ensure that all functionalities are working as expected and that data remains secure.

By following these steps, you can ensure that your ServiceNow instance remains secure and compliant with industry standards while avoiding the risks associated with the deprecation of outdated encryption algorithms like 3DES.

Please mark helpful if it helped answer your question.

Thanks,
Mahathi

View solution in original post

5 REPLIES 5

Go to solution
Mahathi
Mega Sage
Mega Sage

‎05-15-2024 03:09 AM

Hi @AbishekV ,

Please see if the following information is useful: 

Partial Deprecation: In ServiceNow, partial deprecation typically involves marking certain features, methods, or functionalities as deprecated in the platform's documentation or through warning messages in the development environment. This means that while the feature is still available for use, it's no longer recommended because it may be removed or replaced in future releases. Developers are encouraged to transition to alternative approaches or features.

Complete Deprecation: When a feature or functionality is completely deprecated in ServiceNow, it means that it has been removed from the platform entirely. Any code or configurations relying on the deprecated feature will no longer work and must be updated to use supported alternatives. ServiceNow typically provides advance notice and guidance on deprecated features to help users migrate to newer solutions.

Legacy Fields: Legacy fields in ServiceNow refer to fields within tables or records that are outdated or no longer actively used but are retained for backward compatibility or historical reasons. These fields may have been replaced by newer fields or functionalities but are kept to support existing data or integrations. Legacy fields can clutter the user interface and may impact performance, so it's often recommended to clean them up when possible.

Outcomes of Opting Out of 3DES Deprecation in ServiceNow:

Opting out of 3DES deprecation in ServiceNow could have several consequences:

  1. Security Risks: Continuing to use 3DES encryption poses security risks as it is considered less secure compared to modern encryption algorithms like AES. This could potentially lead to data breaches or unauthorized access to sensitive information.

  2. Non-compliance: Depending on your organization's industry or regulatory requirements, using deprecated encryption standards like 3DES may lead to non-compliance with data security standards such as GDPR or PCI DSS. This could result in legal consequences or financial penalties.

Preventing 3DES Deprecation in ServiceNow:

To prevent the adverse outcomes associated with 3DES deprecation in ServiceNow, you can take the following steps:

  1. Upgrade Encryption Algorithms: Transition to more secure encryption algorithms supported by ServiceNow, such as AES.

  2. Review Configuration and Code: Identify any instances where 3DES encryption is being used within ServiceNow configurations, scripts, or integrations, and update them to use supported encryption methods.

  3. Stay Informed: Keep track of ServiceNow's release notes and announcements to stay informed about upcoming changes, including deprecations related to encryption standards.

  4. Testing: Thoroughly test your ServiceNow instances after making any changes related to encryption to ensure that all functionalities are working as expected and that data remains secure.

By following these steps, you can ensure that your ServiceNow instance remains secure and compliant with industry standards while avoiding the risks associated with the deprecation of outdated encryption algorithms like 3DES.

Please mark helpful if it helped answer your question.

Thanks,
Mahathi

Go to solution
cjpolanco
Tera Contributor
In response to Mahathi

‎03-06-2025 08:04 AM

Hi,

 

Thanks for this. I'm new to Security Center and saw this, if SSO is used, how does this affect us?

0 Helpfuls

Go to solution
Abishek1998
Tera Contributor

‎07-02-2024 03:28 AM

Hi ,

I just got a mail from ServiceNow regarding MIS Server 3DES support. It says that my instance use SSH-based Discovery and/or SSH-based integrations. 

What should be done here

 

0 Helpfuls

Go to solution
andreeatrif
Tera Contributor
In response to Abishek1998

‎11-27-2024 03:56 PM

Hi someone in the infrastructure team needs to follow this KB. 

3DES deprecation in SSH from Xanadu - Support and Troubleshooting

It involves verifying if the servers have other algorithm options, and if they do, no action is needed. If 3DES is the only option they use, there needs to be some updates taking place. 

0 Helpfuls