Enforce scope security for public sector digital services [New in Security Center 1.3]
Use the glide.enforce_security_scope.sn_gsm property to control how the application data from the Public Sector Digital Services application is accessed.
The ServiceNow Public Sector Digital Services application lets you develop public sector applications that deliver digital services to constituents, businesses, and agencies.
When glide.enforce_security_scope.sn_gsm is set to false, access to the application data within the global tables of the Public Sector Digital Services app may be accessible based on the access control lists (ACLs) of those global tables. When this property is set to true, access to data residing in global tables are only evaluated based off the ACLs shipped directly in the Public Sector Digital Services app. Setting this property to false may lead to information disclosure from over permissive ACLs.
To remediate this security risk, set glide.enforce_security_scope.sn_gsm to true.
More information
| Attribute | Description |
|---|---|
| Configuration name | glide.enforce_security_scope.sn_gsm |
| Configuration type | System Properties (/sys_properties_list.do) |
| Data type | boolean |
| Recommended value | true |
| Default value | true |
| Category | Access control |
| Security risk |
|
| Dependencies and prerequisites | None |
| References | Configuring Public Sector Digital Services |