1.0 Introduction
This article describes how to configure and integrate the Fortanix Data Security Manager (DSM) SaaS solution with a ServiceNow instance for customer-managed encryption keys.
2.0 Prerequisites
An account on Fortanix DSM SaaS.
ServiceNow instance with Database Encryption and Customer-Controlled Switch feature. For more information, refer to https://docs.servicenow.com/bundle/tokyo-platform-security/page/administer/encryption-database/concept/dbe-css.html
3.0 Setting up the ServiceNow Instance
Refer to ServiceNow documentation on how to set up your ServiceNow instance and enable external KMS functionality.
Fortanix DSM SaaS service is globally available in North America, European Union, United Kingdom, Asia Pacific, and Australia regions.
4.0 Setting up Fortanix DSM
Sign up at https://smartkey.io/.
Log in to the Fortanix DSM UI.
Click the Integration tab in the left panel.
On the Integration page, click ADD INSTANCE on the ServiceNow wizard.
Figure 1: Integration tab
Enter the details as shown in the following screenshot.
Figure 2: ServiceNow details
Instance Name: This is your active ServiceNow instance name. Please provide the exact instance name. Any error in the name may result in unsuccessful integration.
Key expires after: Enter the period after which the key expires.
API Gateway: Use the Fortanix-managed API gateway. The option to set up your own API gateway is coming soon.
Click SAVE to complete creating the application.
You can view all the instances by clicking View All on the integration wizard.
Figure 3: View all integrations
To edit the Key Expiry Duration, click the Edit icon for a ServiceNow instance.
Figure 4: Edit instance
Figure 5: Edit instance
After the setup, please contact ServiceNow support ([email protected]) and provide your endpoint in the following format:
https://servicenow.fortanix.com/kek/<instance name>/<key_version>
The ServiceNow Support team will then enable the Customer Control Switch for your instance.
5.0 Disabling the Key (Kill Switch)
In case the key is compromised, you can disable the key using the steps below:
1. In the Fortanix ServiceNow wizard, change the "Key expires after" field to 0.
2. After 15 minutes, the ServiceNow database should crash, and you will not be able to access it via the ServiceNow UI.
3. Raise a ticket with the ServiceNow support team to inform them of this.
6.0 Enabling the Key (Kill Switch)
1. Change the "Key expires after" field to a value greater than 0 (recommended value: 2 days).
2. Raise a ticket with the ServiceNow support team to re-enable the database.