Overview

ServiceNow is committed to delivering robust, out-of-the-box security to our customers. With the Xanadu and Yokohama releases, we’ve introduced new powerful access control features that revolutionize how you secure your data and records.

These enhancements simplify the implementation of advanced security measures, ensuring your instance is both safe and easy to manage.

New Access Control Features:

• Security Data Filters
  
  • Security Data Filters apply safeguards directly to database queries, ensuring sensitive information never leaves the database.
    
  • It offers a strong alternative to Before Query Business Rules used for security use cases.
• Deny-Unless ACLs
  
  • Automatically deny access to data unless specific conditions are met, ensuring tighter control.
• Query ACLs
  
  • Restrict querying or sorting of data, even when users have permissions to read certain values.

These features are purpose-built to enhance security while providing flexibility for administrators and developers.

Customer Considerations

Enhanced Security Posture

Starting with the Yokohama release, ServiceNow products began adopting these new security controls across their features. This rollout will continue into the Zurich release, ensuring the highest level of security across the platform.

Granular Adoption

Each product team has carefully selected which access control enhancements best complement their existing configurations, ensuring seamless integration and improved protection out of box. Each product will have details covered as a part of their release notes and documentation updates.

Smooth Upgrades

To ensure smooth upgrades, some new controls are deactivated by default for customers transitioning from pre-Yokohama releases. This approach allows you to gradually adopt these new features without disrupting your existing workflows.

Getting Started

Discover Inactive Security Controls

You can easily identify and activate new security controls in ServiceNow Security Center using the Security Controls Activation Suite.

Quick Navigation

To review inactive controls, go to:

/scan_finding_list.do?sysparm_query=check%3D5d7853c37ff012100e0450546c866593%5Eresult.scan_type!%3Dtest_scan&sysparm_view=

ServiceNow recommends enabling these controls after thorough testing in a sub-production environment to ensure compatibility with your configurations.

What You Can Do Today

Here’s how you can make the most of these new features:

• Review Inactive Controls
  
  • Explore the controls that are deactivated by default and determine which ones can be activated safely.
• Adopt New Access Control Features
  
  • Implement Data Filters, Deny-Unless ACLs, and Query ACLs to strengthen your platform's security while simplifying maintenance.
• Test and Iterate
  
  • Use a sub-production environment to test these features before enabling them in production, ensuring a smooth transition.

By taking these steps, you’ll unlock the full potential of ServiceNow’s security enhancements, making your instance safer and more resilient than ever.

Learn More

For detailed guidance and tips on leveraging these features, check out our official release notes and product documentation.

By embracing these innovations, you’re not just securing your data—you’re empowering your team with tools that are built for the future.