System Security

What Everybody Should Know About ServiceNow Security

By |2018-07-09T14:59:58-05:00June 30th, 2011|Categories: Showcase, System Definition|Tags: , , , , , |

Follow these guidelines to make sure you’re using the right security technique for every situation! Security in ServiceNow is a very important, but often very confusing subject to get the hang of. ACLs, business rules, client scripts, and UI policies can all affect the security in your system to varying levels. Improper use of any of [...]

Identifying the Client or Session IP Address

By |2018-07-09T15:00:01-05:00February 28th, 2011|Categories: Scripting|Tags: , , , |

As a Service-now administrator or consultant, you may run into situations where it is necessary to identify the IP address of a user session before performing some action. These situations are almost always security-related. For example, you may want to restrict the ‘Delete’ operation for Change request tickets to users at a specific location, or you [...]

Fixing the Fatal Flaw of Before Query Business Rules

By |2018-07-09T15:00:02-05:00January 5th, 2011|Categories: Business rules|Tags: , , , |

While this customization may still be necessary in certain situations, ServiceNow handles this issue in Aspen builds or later without any customization. I’ve written before on SNCGuru about how ‘before query’ business rules can (and should) be used to secure row-level read access to records in Service-now. While this usually works perfectly, there is one issue [...]

Allow Group Managers to Manage Group Members

By |2018-07-09T15:00:08-05:00August 9th, 2010|Categories: System Definition|Tags: , , , , |

I often get the request to set up access for group managers to be able to manage the members of their groups in ServiceNow. This configuration isn’t too difficult to set up but it does involve a few different pieces. It’s also important to consider your group setup in your system before allowing access in this [...]

Controlling record access using ‘Before Query’ business rules

By |2018-07-09T15:01:32-05:00January 4th, 2010|Categories: Business rules|Tags: , |

System security is probably one of the more challenging things to implement in  While an out-of-box ServiceNow instance comes with the core security built-in, any implementation will inevitably have customizations in this area.  At some point, I plan on writing a basic security guide to help administrators and consultants make informed decisions about how security [...]

Go to Top