Security jump start (ACL rules) (instance security hardening)
Activate the Security Jump Start (ACL Rules) (com.snc.system_security) plugin to create several important ACLs that validate the Access Controls on some of the key system tables within the ServiceNow AI Platform.
These rules provide a jump-start on securing many system tables, making it easier for an organization to get an instance into production. The Security Jump Start (ACL Rules) plugin is installed automatically on all new instances.
More information
| Attribute | Description |
|---|---|
| Plugin ID | com.snc.system_security |
| Configuration type | System Definition > Plugins |
| Configure in Instance Security Center | Yes |
| Purpose | Activate the Security Jump Start (ACL Rules) plugin to achieve proper security
compliance. It provides some basic ACLs that secure system tables in the first place instead of creating manually for each system table that comes with default provisioning of an instance. These ACLs are helpful when the newly created instance must quickly move into production. |
| Recommended value | Active |
| Functional Impact | There is significant functional impact if this plugin is installed without auditing of the existing ACLs on the instance. Customer outreach and definitions are required before the remediation can occur. |
| Security risk | (High) Access control should be enforced to lock down the unintended access to the instance. ACL jumpstart rules were created to provide a starting point on securing many system tables to make it easier for an organization to quickly get into production. |
| References | Security jump start - ACL rules |
Steps to configure
If this plugin is not activated on your instance, contact ServiceNow Support. Activating the plugin at this point might modify security access to tables already in use in a production environment. If an administrator is interested in the new ACL rules the plugin provides, you can manually create one or more of them in an existing instance if needed. This list of ACLs may be used as a guideline in that case.To learn more about activating a plugin, see Activate a plugin.