Why Use ACLs?

There are many ways to secure data. Passwords, PINs, encryption and two-factor authorization are examples of approaches to securing access to data, however these approaches operate at an overarching or global level. Within ServiceNow we need a means of securing data with more finesse.

ACL's allow us granular access to data, ranging from granting access to all tables within the instance, right down to controlling access to an individual field on an individual record within a single table.

ACLs allow us to meet the needs of business by partitioning off access to certain data based upon a User's role or some other set of criteria (conditions). For example we could use ACLs to stop anyone from updating records that were no longer active or we could limit the people who can create records in a table to only those that hold a specific role. If we wanted to we could even limit how people could search for data by using a query ACL (more on those later) or we could limit the people able to read a particular table to only those that are presenting an IP address within a specific range.

While ACLs can be confusing, one you have them mastered you see them as the clever tool they are, as they give you great power combined with delicate control over the access users have to the data within your ServiceNow environment.

Image: ACLs allow you to target data you wish to secure with fine granularity.

Lesson Summary

Access Control Lists (ACLs) provide a way to secure data with great precision within a ServiceNow environment. Here are some key points about why ACLs are valuable:

• ACLs offer granular access control, allowing for precise permissions ranging from instance-wide table access to field-level or even record-specific restrictions.
• They enable implementing business requirements by restricting data access based on user roles or specific criteria.
• Examples of ACL usage include preventing updates to inactive records, limiting record creation to specific role holders, and controlling data search capabilities through query ACL implementation.
• ACLs can be utilized to restrict table access based on criteria like IP address ranges, adding an extra layer of security.
• Although mastering ACLs can be initially complex, once understood, they become a powerful tool providing intricate control over users' data access permissions within the ServiceNow environment.