Thank you for your feedback.
Form temporarily unavailable. Please try again or contact to submit your comments.

ServiceNow Edge Encryption

Log in to subscribe to topics and get notified when content changes.

ServiceNow Edge Encryption

With Edge Encryption, you control and possess all encryption keys for encrypted data.

Edge Encryption is a proxy application that resides in your network. It encrypts data before the data is sent over the Internet to your instance (encrypted while in flight). The data remains encrypted while stored in the instance (encrypted while at rest). The encrypted data is sent back to the proxy application when requested (encrypted in motion). Finally, the encrypted data is decrypted by the proxy before being sent to the client in your network.

Your security administrator specifies which fields are to be encrypted. AES 128 or AES 256 encryption algorithms can be used. Attachments can be encrypted on a table by table basis.

Depending on the encryption type chosen for a field, certain levels of UI filtering, sorting, or compare functionality can be preserved.

Figure 1. Edge Encryption

You own and manage the encryption keys. Encryption keys are never sent to the instance. ServiceNow never possesses the clear data and cannot see it. Three key storage mechanisms are supported: file store, Java KeyStore, and SafeNet. The Edge Encryption proxy obtains encryption keys from one of the key stores to encrypt and decrypt data.

This podcast offers additional information on Edge Encryption.