Security Justification
Introduction | Listen and Learn
Data Security | Access | ServiceNow Store | Codebase | Platform Security
Introduction
This page addresses the common concerns about the Security Posture of Discovery Admin
Listen and Learn
if you prefer to listen instead of read, click the PLAY button below for a conversational summary of this page
Data Security: No Data leaves your ServiceNow Instance
Discovery Admin is a fully scoped App on the ServiceNow Platform and does not have any external integration.
All the data and the processing happens on the ServiceNow Instance. There is no data that leaves the ServiceNow Instance.
As a result, QuickNexus does not have access to or visibility into the installed Discovery Admin App or any Customer Data processed by the Discovery Admin App on the ServiceNow Instance.
Access: We don't need access to your ServiceNow Instance
The Discovery Admin Support Team doesn’t need access to the ServiceNow Instance.
We simply enable the existing Customer Resources to use Discovery Admin leveraging Contextual Hints, Knowledge Articles, Recorded Videos, and Live Training Sessions.
ServiceNow Store: Deployments are done via the ServiceNow Store
To ensure code quality and code integrity, all installations and upgrades to Discovery Admin are deployed only via the ServiceNow Store. We have no other way of deploying Discovery Admin to the ServiceNow Instance.
As a ServiceNow Store pre-requisite, numerous automated and manual checks are performed for every release of Discovery Admin (by ServiceNow) before it is certified and published to the ServiceNow Store.
We also work with ServiceNow App Certification Resources, who ask us to demo new functionality and explain certain parts of the code, in addition to their internal automated and manual checks.
As a result, the code quality and integrity align with ServiceNow Best Practices.
Codebase: Every Customer runs the same Codebase
Every Discovery Admin Customer runs the same Codebase which is Certified by ServiceNow.
We do not deploy any Customer-specific Customizations, thereby ensuring Code Integrity.
Platform Security: Discovery Admin inherits ServiceNow Platform Security
Discovery Admin is as secure as any other Application on the ServiceNow Platform.
All the ServiceNow Platform Security checks and balances are inherited by Discovery Admin, right out-of-the-box, since Discovery Admin is completely native to and lives on the ServiceNow Platform.
Use of AI or ML: Discovery Admin does not use AI or ML
Discovery Admin does not use AI (Artificial Intelligence) or ML (Machine Learning).
We use SQL Queries on the tables in the ServiceNow Instance leveraging ServiceNow APIs via Javascript.
This eliminates the ambiguity in how your data is processed, eliminates the need for data to leave your ServiceNow Instance, and provides complete visibility in the code that underpins Discovery Admin.
Analogy: Apple App Store for iOS Devices
Consider the ServiceNow Store for ServiceNow Apps to be analogous to the Apple App Store for iOS Apps.
Consumers of iOS Apps trust Apple to govern the security of iOS Apps.
These Apps run on your iOS Device (without the App creator needing access to your iOS Device).
This is similar to how Discovery Admin runs on your ServiceNow Instance (without us needing access to your ServiceNow Instance).
You trust iOS Apps because you trust Apple and its processes to whet the Apps before they are published to the Apple App Store.
This is similar to how your Organization already has a trusted relationship with ServiceNow and ServiceNow has whetted Discovery Admin, before publishing it to the ServiceNow Store.