Protecting United States government information on HI
ServiceNow has an adjudicated Customer Support group that manages all issues reported by customers associated with the United States Government (USG), including:
- Federal agencies
- State, local, and tribal organizations with registered .gov or .mil domain addresses
- Federally Funded Research and Development Centers (FFRDCs)
USG customer support groups
The ServiceNow Customer Support department is organized into assignment groups. The two main assignment groups are Customer Support and USG Support. The main assignment groups are further sub-divided into specialized assignment groups. All USG customer cases are automatically assigned to one of the USG Support assignment groups.
Protecting USG information
USG information on HI is protected using several methods.
- USG cases can only be assigned to ServiceNow employees with the federal role. ServiceNow employees that do not have the federal role cannot see cases, case attachments, or case email messages associated with USG organizations.
- Only ServiceNow employees with the federal role can generate credentials for USG instances.
- ServiceNow employees with the customer_accessor role can only access commercial customer cases, not USG customer cases.
- A non-USG ServiceNow employee cannot impersonate an employee with the federal role, an employee with the federal_admin role, or a customer associated with a USG organization.
- Email notifications generated by a USG case are sent only to ServiceNow employees with the federal role and to customers associated with a USG organization. The recipients specified in the To, CC, and BCC fields are all checked for USG credentials automatically when the case is associated with a USG organization.
- Only ServiceNow employees with the federal role and users associated with a USG organization can be added to the watchlist of a USG case. Email addresses cannot be added manually to watchlists on USG cases.
- ServiceNow partners can be associated with USG customers. Users with the partner_admin role working for a ServiceNow partner can create cases for USG customers to which the partner is associated.
- The federal and federal_admin role are only granted to ServiceNow employees, not customers or partners. For customer or partner access to USG information, the USG field must be selected on the company record associated with the user.
- On USG cases, the email icon was removed from the header bar on the case form. This prevents users with the federal role from sending a USG case and associated information in an email to a user that does not have the federal role.
- On a USG company record, the Parent, Partner, and Support Partner fields list only USG organizations. This ensures that only USG parent or partner organizations can create and view cases for other USG organizations.
- A new field named USG Incident Management Group has been added to the Product Category record. The new field is used to route USG cases to USG Support assignment groups.
- HI contains several non-production instances (HIDEV, HITEST, HIQA, and HIUAT), to which ServiceNow employees have varying levels of access to. When HI is cloned over its non-production instances, USG cases, along with their associated email messages and attachments, are removed. This ensures that ServiceNow employees who do not have the federal role cannot see sensitive USG information on HI non-production instances.
Contacting customer support
For information about contacting ServiceNow customer support and submitting a case, see Customer Support for United States Government Customers.