Who:
Scripps Health
8925 Rehco Road
San Diego, CA 92121
When:
January 2017
What: The client needed to ensure all data from its ServiceNow Platform was encrypted before leaving its data center.
The Challenge: Replace Remedy on-premises solution with ServiceNow Software as a Service (SaaS) solution while ensuring all sensitive information within ServiceNow is encrypted before the information leaves the Scripps Health network. Since encryption and tokenization change the nature of the data, the potential of the solution could affect instance processes. Therefore, before moving forward, the client had to carefully consider the impact on their instances by reviewing all aspects of encryption involved.
The Solution: Implement ServiceNow's Edge Encryption network encryption system, which resides on the client's network and decrypts sensitive data as it travels between the client's data center and the ServiceNow cloud instance. The Edge Encryption proxy servers were set up within a load-balancing configuration. Through encryption in motion, all identified fields with sensitive data were configured to be encrypted within the network before the data was sent over the Internet to the client's ServiceNow instance, where it remained encrypted at rest. When requested, the encrypted data was sent back to the Edge Encryption proxy server, which in turn decrypts the data before serving it to the web browser.
Specific individual fields were created and configured for encryption using AES 256-bit encryption keys and order-preserving encryption types. Encryption patterns were used as a supplement for matching tokenized strings with regular patterns such as Social Security and Medical Record Number (MRN) found outside identified encryption fields. All attachments were encrypted.
All of this ensured the encrypted data can only be viewed in clear text by a user logged in to the instance through a proxy server in on the network. Since the proxy server resided in the client network, the client owned and managed the encryption keys. As a result, sensitive data is never displayed in clear text to ServiceNow.
The Result: The Edge Encryption gateway between user browsers and the ServiceNow instance ensured traffic from the browser passes through the gateway on its way to the ServiceNow instance. The gateway, configured to encrypt outbound data that is marked for encryption and decrypt inbound traffic, allowed end user to see clear text in the browser. The advantage of this implementation from a security control perspective is that the encryption and key management are handled externally from ServiceNow. Ultimately, this allowed the client to move forward contractually while ensuring its customers' data was safe when leaving its data center.