Challenge
ServiceNow is the backbone of your enterprise’s business process transformation. This also means that ServiceNow captures and stores critical business data to provide appropriate Risk and Governance assessments through IT workflows. And with more and more datasets moving to the cloud, organizations tend to lose control over the data and there is also increased risk of unauthorized access to sensitive data stored within the cloud.
With Fortanix Data Security Manager SaaS (DSM SaaS), customers can bring a FIPS 140-2 Level 3 certified External Key Management Service for ServiceNow. Fortanix DSM SaaS has been directly integrated to ServiceNow’s Customer Controlled Switch (CCS) capability for database encryption. CCS allows customers to cut off access to their ServiceNow data at any time by putting data out of reach of anyone who tries to access it. Using Fortanix DSM SaaS, database encryption keys for CCS are managed outside of ServiceNow in Fortanix.
Joint Value proposition
To provide greater control to customers, ServiceNow offers a customer-controlled switch (CCS) capability. This offering requires customers to provide an API endpoint. With the Fortanix offering, customers can set up a cloud API endpoint integration in minutes and store their key within their own internal Key Management System or HSM.
Fortanix Data Security Manager SaaS (DSM SaaS) is an integrated data security service that combines encryption, key management, tokenization, and secret management in a single solution. Fortanix DSM SaaS allows customers to easily switch on the existing ServiceNow ‘CCS’ when deploying the ServiceNow instance. To get started, Fortanix Data Security Manager SaaS offers a ServiceNow connection wizard within the User Interface, which can set up the integration with their ServiceNow instance in less than 5 minutes. Instead of spending weeks for implementation, customers can make use of the inbuilt integration capability within Fortanix for easy deployment within minutes and get value in quick time.
Fortanix DSM SaaS provides FIPS 140-2 Level 3 hardware-based protection, with complete separation between users and regions as needed. Fortanix DSM SaaS also offers centralized management with audit logging, enterprise-level access controls, multisite and hybrid cloud support, built-in encryption, key management, tokenization, and support for a variety of interfaces including REST APIs, PKCS11, CNG, JCE, and KMIP.
Core features of the integration:
- Fortanix new ServiceNow Wizard, allows customers to set up the integration with their ServiceNow instance in less than 5 minutes.
- The service fully integrates with the encryption capability within MariaDB.
- ServiceNow customers can stop decryption of data-at-rest. Customer gets control of how to authorize the use of the ServiceNow data and keys.
- Customers store the keys in the Fortanix FIPS 140-2 Level 3 certified HSM and cryptographic operations are executed securely within the module.
- Ability to define and control policies for ServiceNow Key Encryption Key (KEK) from Fortanix DSM SaaS account.
- Audit logging when MariaDB accesses the key from Fortanix. Restricted access can also be enabled for MariaDB encryption keys to select users.