Secure Data Handling

ServiceNow employees take every precaution to ensure customer data is protected while it is hosted in our secure cloud environment. We follow the principle of least privileges to ensure that our operators have only the access necessary to perform their job. Additionally, access to our production environment is protected using multi‑factor authentication and encrypted VPNs.

We have also implemented specific technological capabilities to protect against insider threat and data exfiltration. ServiceNow has a program called Controlled Access. It ensures that access to customer instances and data is logged and monitored, and that sufficient preventative controls are in place to adequately protect customer data against misuse or abuse of access.