ServiceNow makes it incredibly easy to connect multiple production systems together, typically with web services that allow the real-time exchange of data between two applications on a network or on the internet. This ability for one system to remotely access and manipulate another introduces yet another place where security must be considered.
The security of an integration relies on the security of the source and target systems, the communication channel, and the authentication and authorization systems used. Each integration should be assessed for security on each of these elements, although special attention should be placed on authentication and authorization.
Source and target system security
When data is being transmitted in an integration, it is subject to the assumption that both sender and receiver endpoints of the integration can be trusted to handle that data securely. If either system is compromised, the data could be exposed. Data stored...