Division supported launch of ServiceNow
The ITS division of Information Security, Privacy & Identity Management contributed in a variety of meaningful ways toward the ServiceNow launch.
All of the staff members of the Information Security Office within ITS have provided expertise toward the launch of ServiceNow — from the earliest stages of investigating a replacement for Remedy to now in post-launch, contributing to enhancements big and small.
Whether the Security professionals officially served on individual committees or whether they were pulled into research ad hoc for specific inquiries, the entire Information Security Office team was involved and interested in ServiceNow. Team members provided consulting and guidance on various security-related topics and configurations, such as two-factor authentication with Duo for fulfillers, HR-led processes for staff off-boarding whether voluntary or nonvoluntary, and new operating procedures to engage the Security Office for direct engagement.
The Information Security Office’s Larry Fritsche and Mel Radcliffe participated in the Technology Service Planning Team, a group of about 40 people who worked for several years on the project even before the University purchased ServiceNow. The group really got rolling on implementation in April 2019.
That group dug into such key issues as defining what is an incident and service request and planning for Remedy change management, and other implementation issues related to the transition from Remedy. As recently as early 2019, Security contributed to this team by helping to establish requirements for service requests.
“It was really helpful to sit with Larry to learn how he uses Remedy and their workflow and how it would change in ServiceNow,” said Brenda Carpen, Project Lead for ServiceNow and an ITS project manager. “He was enthusiastic of using ServiceNow. We understood that early on, and we made sure we understood what they needed, and recognized that their needs are high priority.”
The Information Security Office also assisted with workflow to simultaneously improve the user experience and ability for the ISO to complete requests for changes and services. Michael Williams, the Information Security Office’s Network Firewall Lead, collaborated to outline Security’s desired workflow for firewall tasks production for firewall requests.
Also, on workflow, Security helped the ServiceNow team and the ITS Operations Center with critical alerts and XMatters — how to manage notifications for distribution groups.
“Tweaks continue, but already the workflow is much better,” Fritsche said.
In other efforts toward ServiceNow, the Information Security Office also contributed to the configuration management database (CMDB) work group. In particular, Security staffers helped with firewall-related design and rules in support of auto-discovery service to populate data into the enterprise configuration management database. The CMDB, which is led by Brent Caison of ITS Infrastructure & Operations, is still in the early stages and is a very complex endeavor that will benefit all of ITS, including Security.
Identity Management’s role
The Identity Management group also contributed to the ServiceNow project. The unit:
- Set up single sign-on (SSO) authentication
- Developed Group structures for authorization
- Provided configuration for numerous Group assignments within ServiceNow