Data sharing, Data overflow processing, and Security & privacy in AI Control Tower
Summary of Data sharing, Data overflow processing, and Security & privacy in AI Control Tower
The AI Control Tower in ServiceNow's Zurich release offers capabilities to enhance AI model accuracy, manage data center traffic, and ensure data integrity, security, and privacy when using large language models (LLMs). These features help ServiceNow customers optimize AI performance while safeguarding sensitive information and maintaining compliance with industry best practices.
Data sharing
By default, data sharing with ServiceNow is enabled to improve AI accuracy, user experience, and business insights. Customers can opt out of data sharing, but this disables their participation in improving ServiceNow AI products. Data sharing is essential for ongoing enhancement of AI capabilities within the platform.
Data overflow processing
This feature manages traffic spikes by redirecting Now Assist data traffic from ServiceNow datacenters to Microsoft Azure datacenters to maintain performance. It is inactive by default and customers may opt out to keep data traffic exclusively within ServiceNow datacenters. This functionality is read-only and available in sub-production instances when Multi-instance setup is active.
Security & privacy
The AI Control Tower provides multiple configurable charts and controls to monitor and protect AI interactions:
- Data integrity incident detection: Tracks potential violations of LLM guardrail policies, with options to configure sampling rate, call limits, and analysis mode (single or multiple LLMs). Past data remains visible for 90 days after deactivation.
- Agent goal deviation: Detects deviations of AI agents from intended roles, such as unauthorized actions or prompt injection attempts, with similar configurable settings as data integrity detection.
- Output screening: Monitors AI-generated outputs for potential Personally Identifiable Information (PII) and security vulnerabilities, including specific patterns like U.S. driver's licenses, passports, and common attack vectors (e.g., XSS, SQL injection). These charts can be activated or deactivated with data retention for 90 days.
- Sensitive data input and anonymization: Supports detection and anonymization of sensitive information within LLM prompts, requiring the Data Privacy plugin. This aids in troubleshooting and ensures compliance with data handling policies.
- Score weight: Allows customization of how different LLM guardrail categories contribute to the overall security and privacy score, enabling customers to adjust or disable specific categories.
These controls provide ServiceNow customers with detailed insights and flexible configurations to maintain AI security, privacy, and data integrity, helping to mitigate risks and enhance trust in AI-driven workflows.
Explore the Data sharing, Data processing, and Security & privacy sections.
The Data area focuses on improving AI models, managing datacenter traffic, and enabling metrics to measure the integrity of your data model and monitor potential threats in large language model (LLM) input and output.
Data sharing
By default, Data sharing is active. You can opt out to deactivate AI Control Tower and share your data with ServiceNow to improve AI accuracy, enhance user experiences, and gain a better understanding of business needs.
Data sharing helps enhance ServiceNow products, but if you choose to opt out of the ServiceNow data sharing program, you’ll no longer be able to contribute data to improve ServiceNow AI products.
For information on data sharing opt-out, see Opt out of data sharing.
Data overflow processing
By default, all Now Assist traffic is managed within ServiceNow datacenters. If there are traffic spikes, the system automatically redirects to Microsoft Azure datacenters to maintain performance. You can opt out of this feature to keep all Now Assist traffic exclusively within ServiceNow datacenters. By default, data overflow processing is inactive.
Security & privacy
- Data integrity incident detection
- These configuration settings control the Data integrity incident detection chart, which is designed to help show potential violations of certain LLM guardrail policies in LLM responses. To show data for this chart on the dashboard, select Configure, and then select Active. If you want to discontinue collecting data for the chart, clear the Active check box.
Note: If you inactivate the chart, past data shows on the chart for 90 days.
You can configure these settings:
- Categories – Security and content moderation policies grouped into categories that reflect industry practices that align with OWASP Top 10 Risk & Mitigations for LLMs and Gen AI Apps and the OpenAI model specification.
- Sampling rate – The percentage of transactions that are evaluated. Selecting a rate lower than 100% results in fewer AI calls, but potentially less accurate data.
- Max skill calls per execution – The amount of AI usage per call. The minimum is 10 calls; the default is 1,000 calls. Entering a lower number results in fewer AI calls, but potentially less accurate data.
- Single or multiple analysis – Single analysis uses the default LLM to determine whether the model's output or behavior violates predefined security policies. Multiple analysis uses the results from three or more LLMs that ServiceNow supports to make a determination, using the majority result from the LLMs. Multiple analysis requires an odd number of LLMs.
- Agent goal deviation
- These configuration settings control the Agent goal deviation chart, which shows when AI agents may be deviating from their intended role or objective, such as through unauthorized actions or prompt injection attempts. To show data for this chart on the dashboard, select Configure, and then select Active. If you want to discontinue collecting data for the chart, clear the Active check box.
Note: If you inactivate the chart, past data shows on the chart for 90 days. Due to the probabilistic nature of the data model, not all occurrences may be identified.
You can configure these settings:
- Sampling rate – The percentage of transactions that are evaluated. Selecting a rate lower than 100% results in fewer AI calls, but potentially less accurate data.
- Max skill calls per execution – The amount of AI usage per call. The minimum is 10 calls; the default is 1,000 calls. Entering a lower number results in fewer AI calls, but potentially less accurate data.
- Single or multiple analysis – Single analysis uses the default LLM to determine whether the AI agent's or skill's response diverges from the expected output. Multiple analysis uses the results from 3 or more LLMs to make a determination, using the majority result from the LLMs. Multiple analysis requires an odd number of LLMs.
- Output screening
- These configuration settings control the AI agent output with PII detected and Agentic output injection detection charts, which show when agents' LLM output contains potential PII or potential security-vulnerable patterns. To show data for these charts on the dashboard, select Configure, select Active, and then select a setting for the data to collect. If you want to discontinue collecting data for the charts, clear the Active check box.
Note: If you inactivate the charts, past data collected shows on the charts for 90 days.
You can configure these settings:
- Output Security Vulnerability – Collect and show data in the Agentic output injection detection chart. The data is collected by analyzing LLM output for known potential vulnerable patterns and potential corresponding attack vectors. For example, HTML tags with scripts associated with them could enable cross-site scripting (XSS) attacks, and stacked SQL queries could result in SQL injection attacks.
- Output Extended PII – Collect more potential PII data occurrences and show them in the AI agent output with PII detected chart. The data is collected by analyzing LLM output for additional potential PII data patterns beyond those specified in Data Privacy. These PII data patterns include U.S. CA driver's license, U.S. passport number, and vehicle ID number.
- Output PII Violation – Collect and show data in the AI agent output with PII detected chart. The data is collected by analyzing LLM output for potential PII sensitive data patterns specified in Data Privacy. For example, U.S. phone number or credit card number.
- Sensitive data input and anonymization
- This section shows the data patterns enabled in Data Privacy to detect and anonymize information in LLM prompts. Use this view as a quick reference when troubleshooting Sensitive data detected and Sensitive data anonymized charts. This feature requires the Data privacy plugin to be installed. For more information on how the data is sent and stored, see User data usage policy for Now Assist.
- Score weight
- This setting controls how the LLM guardrail categories that comprise the score are weighted. You can change the default weights or remove categories from the score by deactivating them. The score formula is an average across all managed AI assets.
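As an added illustration of the Output screening settings described above (not ServiceNow's implementation and not part of the original documentation), this Python example screens LLM output text for the kinds of patterns the page names: HTML carrying script, stacked SQL queries, U.S. phone numbers, and credit card numbers. The regular expressions, label names, and the Luhn checksum filter are assumptions chosen for the example; the sample strings are constructed.

```python
import re

# Illustrative patterns (assumptions for this example), not ServiceNow's rules.
SECURITY_PATTERNS = {
    "xss_script_tag": re.compile(r"<\s*script\b", re.I),
    "xss_event_handler": re.compile(r"<[^>]+\son\w+\s*=", re.I),
    "xss_javascript_url": re.compile(r"\b(?:href|src)\s*=\s*[\"']?\s*javascript:", re.I),
    # A recognisable first statement, a semicolon, then a second statement keyword.
    "sql_stacked_query": re.compile(
        r"\b(?:select\b.+?\bfrom|insert\s+into|update\b.+?\bset|delete\s+from)\b[^;]*;"
        r"\s*(?:select|insert|update|delete|drop|alter|create|truncate|exec)\b",
        re.I | re.S),
}
US_PHONE = re.compile(r"(?<!\d)(?:\+?1[\s.-])?\(?\d{3}\)?[\s.-]\d{3}[\s.-]\d{4}(?!\d)")
CARD_CANDIDATE = re.compile(r"(?<!\d)(?:\d[ -]?){12,18}\d(?!\d)")

def luhn_ok(digits: str) -> bool:
    """Luhn checksum: rejects digit runs that cannot be payment card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:  # double every second digit, counting from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def screen_output(text: str) -> dict:
    """Return labels of potential security patterns and PII found in LLM output."""
    security = sorted(n for n, rx in SECURITY_PATTERNS.items() if rx.search(text))
    pii = set()
    if US_PHONE.search(text):
        pii.add("us_phone")
    for m in CARD_CANDIDATE.finditer(text):
        if luhn_ok(re.sub(r"\D", "", m.group())):
            pii.add("credit_card")
    return {"security": security, "pii": sorted(pii)}

# Constructed sample outputs (not real data).
SAMPLES = [
    'Click <a href="#" onclick="run()">here</a> to continue.',
    "Run: SELECT name FROM users WHERE id = 1; DROP TABLE audit_log",
    "Card on file: 4111 1111 1111 1111, callback (415) 555-0132.",
    "Order 1234 5678 9012 3456 shipped; select a delivery slot.",
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(screen_output(s), "<-", s)
```

The last sample shows why the checks are anchored: a 16-digit order number fails the Luhn checksum, and a semicolon followed by the word "select" in ordinary prose is not reported as a stacked query.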