10 Steps to lay off your NOW Platform security idiosyncrasies
As a ServiceNow System Administrator or Platform Owner you are responsible for platform performance and security. Based on industry best practices, security community recommendations and a ServiceNow implementers hard earned experiences through dozens of ServiceNow deployment projects, this checklist provides you with 10 steps to keep up with basic platform security.
- Do not put your personal user account credentials in Update Source connector – use the root admin account on source instance
- Do not put your personal user account credentials in Target Instance connector – use the root admin account on target instance
- Do not create Customer Updates and commit Update Sets as the System Administrator – use personal users only, always!
- Do not forget to check Password needs reset on a new local user – remember; passwords are personal
- Enable Multi-Factor Authentication (MFA) on all admin user accounts – and check off a box on the OWASP Top 10
- Always assign privileges by assigning roles to groups and users to groups – not roles to users
- Avoid customizing Base System ACLs to limit access on read-only user – leverage Out-of-Box role combinations by using snc_read-only role
- Delegate admin privileges in your NOW Platform environment based on the principle of Least Privilege – improve mitigation of another OWASP Top 10 recommendation
- Seek to enforce the principle of Separation of Duties as a way of ensuring change process and platform governance compliance
- Monitor and respond to unexpected user account activity and transactions on the NOW Platform. Generally, time to detect a breach is more than 200 days! Again, aim to align your practice with industry recommendations in the OWASP Top 10
Thanks for reading through these 10 basic steps to keep reminded of good platform security practices.
Read more in “Seven habits of highly effective ServiceNow Admins”