Data Encryption for Data-at-Rest and Data-in-Use

This document is a technical report detailing the encryption options available for data-at-rest and data-in-use within the ServiceNow Now Platform. It outlines the various encryption methods provided by ServiceNow, including standard Column Level Encryption (CLE) and Column Level Encryption Enterprise (CLEE). The report explains the ServiceNow Shared Responsibility Model, which emphasizes the partnership between the provider and customer in managing security responsibilities. It describes the Key Management Framework (KMF) that allows customers to customize cryptographic operations and manage encryption keys effectively. Additionally, the report covers the Platform Encryption subscription bundle, which includes Cloud Encryption and CLEE, detailing how these products work together to secure data. The document also discusses the key hierarchy for Cloud Encryption and the features of CLEE, including its ability to encrypt specific fields and attachments while allowing for controlled access based on user roles. Overall, the report serves to inform customers about the encryption capabilities and security measures available within the Now Platform.