Maximize Your Time Dealing With Encryption Solution Vendors.

 

If you're one of the many ServiceNow customers seeking more data security in the cloud, you might have already seen Part 1 of this series.  We explored a large chunk of baseline ServiceNow capability you'll want to run past your potential encryption vendors.  In this episode, we discuss maximizing your time with those vendors

 

WHY DO I NEED TIPS ON THIS?

From my experience, encryption & ServiceNow is a new discussion.  The existing vendors are still ramping up their capabilities and teams.  The kind of product assessment and deployment cycles you used to do in days are now going to take weeks (unless you take my advice )

 

1 - LAWYER UP

Encryption providers are very particular about defending their competitive advantages and will usually want an NDA in place before discussing the specifics of their solution.  Since you've already come equipped with a checklist, they're going to need to talk specifics right away.  Save yourself some time and have your legal team's NDA ready before you start knocking on doors.

 

2 - INSIST ON SERVICENOW SME'S ON ALL CALLS

"But Robert, doesn't this go without saying?"
No, it doesn't.  In all of my interactions, the vendors want you sold on the solution before pulling in the ServiceNow specific resources.  But your checklist will require demonstrations on a ServiceNow knowledgeable resource can provide.  Trust me on this, and you'll reduce your time to selection and deployment by *weeks*.

 

3 - UNDERSTAND THE LIVING SUPREME $%&* OUT OF VARIABLE DATA STRUCTURE

I'll post a blog on this specifically, but for now understand this:  in all solutions offering variable encryption, you need to know exactly where that variable's answer is stored.  Further, you may need to encrypt options available in multiple choice or select box variable types.  Odds are your vendor SME's won't know these tables either.  Its all on you.  This will be of immense importance for...

 

4 - DEMAND USING STRONGEST LANGUAGE POSSIBLE:  DEMO MUST SHOW VARIABLE ENCRYPTION

The nature of variables makes them harder to encrypt in the various encryption management consoles.  Nothing kills interest in this venture faster than talking about variable encryption for *weeks*, then coming to a POC where it can't be demonstrated.  I've assessed almost every encryption vendor offering a ServiceNow solution and the success rate on demos has been 0% - "we don't have the right person on the call".  Save yourself some time. Insist on it.

 

5 - ASK FOR A POC

Vendors will ask you to provide an instance for them to POC on.  Unless you have the luxury of a non-dev Prototype / Sandbox instance, I strongly suggest you push back and demand they provide the instance.  Because...

 

6 - >>> ENCRYPTION ISN'T BACKWARDS COMPATIBLE <<<

Of all the solutions I've assessed this quarter, none will encrypt past data.  They suggest exporting and re-importing data to engage encryption, which is possible, but laborious.  If you want to encrypt attachments, you're going to have a devil of a time doing it in arrears.

 

So with all the time you're about to save assessing your encryption providers, how about throwing me a like, bookmark, or a comment.

 

 

 

NEW:

Encryption: How not to get $#%&ed Part 3

Part 4 - Understanding the $#!% out of Variables