Vault tools and metrics
Learn about the tools and metrics ServiceNow Vault uses to protect and discover sensitive data.
ServiceNow Vault integrates with several tools to provide you with a cohesive overview of your sensitive data security. You can hover over a widget to get further insight on the reported data. Select the Go to button on any tool to go to its respective page.
Know your data
ServiceNow Vault uses Data Discovery and Data Classification help you understand and know your data.| Tool | Metric | Description |
|---|---|---|
| Discovery Use Data Discovery to run a discovery scan to look for data patterns that might be sensitive data. Once discovered, data can then be reviewed or classified for further protection and management. |
Discovered data | Occurrences of sensitive data across tables in your instance, categorized by sensitive data pattern type. |
| Discovery status | Current state of all discovered sensitive data patterns, including new findings pending review, classified, or marked as ignored. | |
| Discovered attachments | Total sensitive data occurrences in attachments across tables in your instance. | |
| Classification Data Classification creates data classes and helps organize your data into data classes for better management. Classified data can be protected at the class level. |
Classifiable data | Tables or columns that can be classified. |
| Classified data | Dictionary entries, tables, or columns that are classified. |
Protect your data
ServiceNow Vault uses data anonymization, cloud encryption, field encryption, and zero trust access to help secure and protect your data.| Tool | Metric | Description |
|---|---|---|
| Anonymization Anonymize data by data class with different anonymization techniques to preserve data patterns but remove sensitive data. Useful for sanitizing instances for development or removing specific user data because of rights to be forgotten. |
Existing data | All classified data per workflow that is anonymized or not. |
| Real time data | Number of successful real-time calls to anonymize sensitive data as it enters the platform, by channel. | |
| Anonymization run times | How long scheduled user- or data-based jobs ran in hours for existing data. | |
| Cloud Encryption with Key Management Securely protect sensitive data in encrypted storage for your data using block encryption, along with enhanced key management. |
Active cloud key | Total rotations of the active cloud key. 注: To view this data, you need the Key Management Framework admin role (sn_kmf.admin or sn_kmf.cryptographic_manager). |
| Key rotation | Time elapsed between each rotation of active keys on your instance. Bar height measures how long a key was used before rotation. 注: To view this data, you need the Key Management Framework admin role (sn_kmf.admin or sn_kmf.cryptographic_manager). |
|
| Field Encryption Securely protect sensitive data while providing access for authorized users. Useful for increasing protections from bad actors. |
Encrypted fields classification status | Classification status of all data protected with Field Encryption. |
| Classes protected with Field Encryption | The proportion of classified data protected withField Encryption. | |
| Active encryption keys | Number of active Field Encryption keys in your instance. Ideally, the number of active keys matches the number of classifications. 注: To view this data, you need the Key Management Framework admin role (sn_kmf.admin or sn_kmf.cryptographic_manager) and the security_admin role. |
|
| Zero Trust Access (ZTA) Continuous authentication while accessing classified sensitive data in real time. |
Continuous Authentication classification status | Number of classifications that are protected due to the Continuous Authentication policies. |
| Classes protected with Continuous authentication | Number of classes protected with continuous authentication, categorized by class. |
Monitor your data
The AI Insights section within ServiceNow Vault helps you keep track of activities that may indicate potential threats or data leaks using charts created by Now Assist. This insight can help you prioritize your data protection strategies more effectively. Select View tool metrics to see the underlying metrics.
| Metric | Chart Component | Description |
|---|---|---|
| User entering sensitive data | In tables with real-time discovery | The number of users whose sensitive data entries were detected in database tables configured with real-time discovery. |
| In channels | The number of users whose sensitive data entries were detected within channels such as Now Assist or Virtual Agent. | |
| Channels with sensitive data | Channel bars (x-axis) | Stacked bars representing each channel where sensitive data was detected, broken down by data patterns. The data pattern legend displays the color code for each pattern. They may include driver license numbers, financial information, and personal identifiers. |
| Occurrences of sensitive data (y-axis) | The count of sensitive data instances detected per channel. | |
| Tables with sensitive data found through real-time discovery | Table bars (x-axis) | Stacked bars representing each database table where sensitive data was detected, broken down by data patterns. |
| Occurrences of sensitive data | The count of sensitive data instances detected per table. |
All ServiceNow Vault tools
|
Key Management and Field Encryption is a suite of highly configurable encryption modules |
|