Enforce ACL on HR Virtual Agent Data [New in Security Center 2.0]

  • Release version: Yokohama
  • Updated January 30, 2025
  • 1 minute to read

    • Discover how to set the glide.enforce_security_scope.sn_hr_va property to a secure value, preventing data leakage from the Virtual Agent Conversations scoped application.

    The glide.enforce_security_scope.sn_hr_va property restricts the access control lists (ACLs) of several human resources (HR) tables to only consider the sn_hr_va scope. If this property is not set to the recommended value of true, then data from the Human Resources: Virtual Agent Conversations scoped application will be exposed to ACLs from all other scopes. For example, this could allow the IT Administrator to access HR data.

    More information

    Attribute Description
    Configuration name glide.enforce_security_scope.sn_hr_va
    Configuration type System Properties (/sys_properties_list.do)
    Data type boolean
    Recommended value true
    Default value false
    Category Access control
    Security risk
    • Severity score: 6.5
    • CVSS score: Medium
    • Security risk details: Failing to set this property to the secure value true could expose data from the Human Resources: Virtual Agent Conversations scoped application to ACLs from all other scopes.
    Dependencies and prerequisites None