Cloud Security Customer Resources - Security

Cloud Security Customer Resources <div style="font-family: Arial, Helvetica, sans-serif; display: flex; align-items: stretch; flex-wrap: nowrap; width: 89%; background-position-x: initial; background-position-y: initial; background-size: initial; background-repeat-x: initial; background-repeat-y: initial; background-origin: initial; background-clip: initial; background-color: #032d42; height: auto; min-height: 80px; padding: 10px 0px 10px 0px;"> Cloud Security Customer Resources Security is a shared responsibility between the customer and ServiceNow. By working together we can ensure the safety of our customer's data hosted on the Now Platform ® Named Security Contact The ServiceNow Security Office (SSO)'s primary contact with a company will be via the named security contact (s) which the customer specifies, and/or the security distribution list associated with that customer's account in Now Support .

Instructions for updating the primary security contact field can be found here . It is essential that named contacts are authorized to deal with potentially sensitive security matters , and that they are contactable at all times. ServiceNow strongly advises that customers include both an email distribution list and an individual to fulfill this requirement.

Customers must also regularly check that the primary security contact can the email distribution list is kept up-to-date . These contacts will periodically receive security-related information from the SSO, usually by email. Customer contact details will be used exclusively for this purpose, and no other.

Security Best Practices Guide & Video The ServiceNow Security Best Practices Guide is an easy-to-follow guide to the main security features provided by the Now Platform and how to best use them to secure an instance.

This guide is specifically aimed at those who are tasked with the responsibility of keeping a ServiceNow instance secure.

The Security Best Practices Video (Security is a Journey, Not a Destination) is an introduction to how to secure Now Platform instance to help build the right security Framework.

Shared Responsibility Model The Shared Responsibility Model outlines the areas of responsibility between the customer and ServiceNow for the main aspects of Now Platform security.

Videos on Demand Educational ServiceNow security videos to learn more about security in the Now Platform.

ServiceNow CORE Compliance Portal Find answers to most common security questions, industry standard prefilled security questionnaires, and evidence of our certifications and attestations.

This link requires access to the ServiceNow CORE Compliance Portal . Find out how to access CORE here .

Security White Papers & How-to Guides A selection of documents including White Papers, Articles, and "How-To" Guides covering various aspects of platform security.

Data Privacy and GDPR Information Find out about the ServiceNow position on data privacy and the General Data Protection Regulation.

ServiceNow Trust Site Read about the ServiceNow approach to trust.

Penetration Testing Customer instance penetration tests are requested via Now Support. Customers will need to read the instructions on how to request permission to conduct a penetration test on their instance(s) in the article found here .

Security Knowledge Base Discover how the ServiceNow controls and processes protect customer data by browsing the Security Knowledge Base.

Security Incidents, Concerns, and Findings Customer security incidents, concerns, and findings are reported via Now Support. Please follow the instructions found in the article here .

ServiceNow Security Advisories The ServiceNow Security Advisories are provided to enable customers to self-serve relevant content about the ServiceNow security posture as it relates to various security items. These advisories are limited to the scope of the Now Platform and the supporting ServiceNow cloud environments.