Data sharing, Data overflow processing, and Security & privacy in AI Control Tower
Summary of Data sharing, Data overflow processing, and Security & privacy in AI Control Tower
This content describes key capabilities in AI Control Tower for managing data sharing, traffic overflow, and security/privacy monitoring within ServiceNow’s AI environment. These features help ServiceNow customers improve AI model accuracy, maintain performance during traffic spikes, and monitor data integrity and security risks related to large language model (LLM) usage.
Data Sharing
By default, AI Control Tower shares data with ServiceNow to enhance AI accuracy, user experience, and business insights. Customers can opt out to deactivate data sharing, but this means no longer contributing to improving ServiceNow AI products. Data sharing is crucial for continuous enhancement of AI capabilities.
Data Overflow Processing
To manage traffic spikes in Now Assist, overflow traffic is automatically redirected from ServiceNow datacenters to Microsoft Azure datacenters by default, ensuring consistent performance. Customers can opt out to keep all traffic within ServiceNow datacenters exclusively. Note that overflow processing is inactive by default and available in read-only mode for sub-production instances in multi-instance setups.
Security & Privacy
AI Control Tower provides configurable monitoring charts and settings to detect potential security and privacy risks in LLM input and output, helping customers maintain data integrity and compliance.
- Data Integrity Incident Detection: Tracks potential violations of LLM guardrail policies based on industry standards (e.g., OWASP Top 10). Customers can activate or deactivate this monitoring, adjust sampling rates, set AI call limits, and choose single or multiple LLM analysis for greater accuracy.
- Agent Goal Deviation: Monitors AI agent behavior for deviations from intended goals, such as unauthorized actions or prompt injection attempts. Similar configuration options as incident detection apply.
- Output Screening: Detects AI-generated output containing potential personally identifiable information (PII) or security vulnerabilities, including patterns like cross-site scripting or SQL injection risks. Customers can enable data collection for various PII categories and vulnerability patterns, with a 90-day retention on inactive charts.
- Sensitive Data Input and Anonymization: Displays enabled data privacy patterns for detecting and anonymizing sensitive data in LLM prompts, requiring the Data Privacy plugin.
- Score Weight: Allows customers to customize how different LLM guardrail categories contribute to overall security scoring by adjusting or deactivating categories.
Practical Benefits for ServiceNow Customers
- Improved AI models through controlled data sharing with ServiceNow.
- Consistent Now Assist performance during traffic spikes via overflow processing with Azure datacenters, with flexible opt-out options.
- Robust security and privacy monitoring to detect data integrity issues, unauthorized agent behavior, PII exposure, and security vulnerabilities in AI outputs.
- Configurable settings provide control over monitoring intensity, data retention, and the balance between accuracy and resource usage.
- Helps customers maintain compliance with data privacy policies and industry security standards when leveraging AI capabilities.
Explore the Data sharing, Data processing, and Security & privacy sections.
The section focuses on improving AI models, managing datacenter traffic, and enabling metrics to measure the integrity of your data model and monitor potential threats in large language model (LLM) input and output.
Data sharing
By default, Data sharing is active: AI Control Tower shares your data with ServiceNow to improve AI accuracy, enhance user experiences, and gain a better understanding of business needs. You can opt out to deactivate it.
Data sharing helps enhance ServiceNow products, but if you choose to opt out of the ServiceNow data sharing program, you’ll no longer be able to contribute data to improve ServiceNow AI products.
For information on data sharing opt-out, see Opt out of data sharing.
Data overflow processing
By default, all Now Assist traffic is managed within ServiceNow datacenters. If there are traffic spikes, the system automatically redirects to Microsoft Azure datacenters to maintain performance. You can opt out of this feature to keep all Now Assist traffic exclusively within ServiceNow datacenters. By default, data overflow processing is inactive.
Security & privacy
- Data integrity incident detection
- These configuration settings control the Data integrity incident detection chart, which is designed to help show potential violations of certain LLM guardrail policies in LLM responses. To show data for this chart on the dashboard, select Configure, and then select Active. If you want to discontinue collecting data for the chart, deselect Active.
Note: If you inactivate the chart, past data shows on the chart for 90 days.
You can configure these settings:
- Categories – Security and content moderation policies grouped into categories that reflect industry practices that align with OWASP Top 10 Risk & Mitigations for LLMs and Gen AI Apps and the OpenAI model specification.
- Sampling rate – The percentage of transactions that are evaluated. Selecting a rate lower than 100% results in fewer AI calls, but potentially less accurate data.
- Max skill calls per execution – The amount of AI usage per call. The minimum is 10 calls; the default is 1,000 calls. Entering a lower number results in fewer AI calls, but potentially less accurate data.
- Single or multiple analysis – Single analysis uses the default LLM to determine whether the model's output or behavior violates predefined security policies. Multiple analysis uses the results from three or more LLMs that ServiceNow supports to make a determination, using the majority result from the LLMs. Multiple analysis requires an odd number of LLMs.
- Agent goal deviation
- These configuration settings control the Agent goal deviation chart, which shows when AI agents may be deviating from their intended role or objective, for example through unauthorized actions or prompt injection attempts. To show data for this chart on the dashboard, select Configure, and then select Active. If you want to discontinue collecting data for the chart, deselect Active.
Note: If you inactivate the chart, past data shows on the chart for 90 days. Due to the probabilistic nature of the data model, not all occurrences may be identified.
You can configure these settings:
- Sampling rate – The percentage of transactions that are evaluated. Selecting a rate lower than 100% results in fewer AI calls, but potentially less accurate data.
- Max skill calls per execution – The amount of AI usage per call. The minimum is 10 calls; the default is 1,000 calls. Entering a lower number results in fewer AI calls, but potentially less accurate data.
- Single or multiple analysis – Single analysis uses the default LLM to determine whether the AI agent's or skill's response diverges from the expected output. Multiple analysis uses the results from 3 or more LLMs to make a determination, using the majority result from the LLMs. Multiple analysis requires an odd number of LLMs.
- Output screening
- These configuration settings control the AI agent output with PII detected and Agentic output injection detection charts, which show when agents' LLM output contains potential PII or potential security-vulnerable patterns. To show data for these charts on the dashboard, select Configure, select Active, and then select a setting for the data to collect. If you want to discontinue collecting data for the charts, deselect Active.
Note: If you inactivate the charts, past data collected shows on the charts for 90 days.
You can configure these settings:
- Output Security Vulnerability – Collect and show data in the Agentic output injection detection chart. The data is collected by analyzing LLM output for known potential vulnerable patterns and potential corresponding attack vectors. For example, HTML tags that have scripts associated with them could enable cross-site scripting (XSS) attacks, and stacked SQL queries could result in SQL injection attacks.
- Output Extended PII – Collect more potential PII data occurrences and show them in the AI agent output with PII detected chart. The data is collected by analyzing LLM output for additional potential PII data patterns beyond those specified in Data Privacy. These PII data patterns include U.S. CA driver's license, U.S. passport number, and vehicle ID number.
- Output PII Violation – Collect and show data in the AI agent output with PII detected chart. The data is collected by analyzing LLM output for potential PII sensitive data patterns specified in Data Privacy. For example, U.S. phone number or credit card number.
- Sensitive data input and anonymization
- This section shows the data patterns enabled in Data Privacy to detect and anonymize information in LLM prompts. Use this view as a quick reference when troubleshooting Sensitive data detected and Sensitive data anonymized charts. This feature requires the Data privacy plugin to be installed. For more information on how the data is sent and stored, see User data usage policy for Now Assist.
- Score weight
- This setting controls how the LLM guardrail categories that comprise the score are weighted. You can change the default weights or remove categories from the score by deactivating them. The score formula is an average across all managed AI assets.
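The kind of check the Output screening settings describe (scanning LLM output for script-bearing HTML, stacked SQL queries, and PII such as phone and credit card numbers) can be sketched as follows. This is an added example, not ServiceNow's implementation: the regexes, pattern names, category labels, and sample outputs are constructed assumptions.

```python
import re

# Constructed rules for illustration; names and regexes are assumptions,
# not the patterns ServiceNow or Data Privacy actually ship.
VULN_PATTERNS = {
    "xss_script_tag": re.compile(r"<\s*script\b", re.I),
    "xss_event_handler": re.compile(r"<[^>]+\son\w+\s*=", re.I),
    "xss_javascript_uri": re.compile(r"(?:href|src)\s*=\s*[\"']?\s*javascript:", re.I),
    "sql_stacked_query": re.compile(
        r";\s*(?:drop|delete|insert|update|alter|truncate|exec)\b", re.I),
}
US_PHONE = re.compile(r"(?<!\d)(?:\+?1[\s.-]?)?\(?\d{3}\)?[\s.-]?\d{3}[\s.-]?\d{4}(?!\d)")
CARD_CANDIDATE = re.compile(r"(?<!\d)(?:\d[ -]?){12,18}\d(?!\d)")

def luhn_ok(digits):
    """Checksum test that separates card numbers from other long digit runs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:                      # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def mask(value):
    """Keep only the last four digits so findings never store the raw PII."""
    digits = re.sub(r"\D", "", value)
    return "*" * (len(digits) - 4) + digits[-4:]

def screen_output(text):
    """Return (category, pattern, evidence) findings for one LLM output."""
    findings = []
    for name, rx in VULN_PATTERNS.items():
        m = rx.search(text)
        if m:
            findings.append(("output_security_vulnerability", name, m.group(0)[:40]))
    for m in CARD_CANDIDATE.finditer(text):
        if luhn_ok(re.sub(r"\D", "", m.group(0))):
            findings.append(("output_pii_violation", "credit_card", mask(m.group(0))))
    for m in US_PHONE.finditer(text):
        findings.append(("output_pii_violation", "us_phone", mask(m.group(0))))
    return findings

SAMPLES = {  # constructed LLM outputs
    "benign": "Your ticket was updated. <b>Priority</b>: high.",
    "html": 'Here is the widget: <img src="logo.png" onload="track()">',
    "sql": "Run: SELECT name FROM users WHERE id = 7; DELETE FROM sessions",
    "pii": "Call (415) 555-0132 about card 4111 1111 1111 1111; order 1234 5678 9012 3456.",
}

if __name__ == "__main__":
    for label, text in SAMPLES.items():
        print(label, screen_output(text))
```

The 16-digit order number in the last sample fails the Luhn check and is not reported, which is the false-positive case a plain digit-run regex would get wrong.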