Exploring Continuous Authentication

  • Release version: Yokohama
  • Updated January 30, 2025
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Exploring Continuous Authentication

    ServiceNow's Continuous Authentication (CA) enhances security by verifying a user's identity not only at login but throughout their session. Built on ServiceNow’s zero trust access security architecture, CA ensures users are explicitly authenticated and authorized continuously, minimizing implicit trust and limiting access to only necessary privileges. It proactively assumes a breach scenario to detect, contain, and respond to threats effectively.

    Show full answer Show less

    CA enables administrators to enforce step-up authentication or re-authentication when users attempt to access sensitive or Personally Identifiable Information (PII), either through multi-factor authentication (MFA) or single sign-on (SSO) methods like SAML or OIDC during active sessions. Implementing CA requires installation of the Zero Trust - Continuous Authentication plugin and a valid license.

    Key Features

    • Step-up Authentication: Enforce MFA within sessions based on data sensitivity or user activities.
    • Re-authentication Policies: Configure policies at table or data class levels to require re-authentication for sensitive access.
    • Zero Trust Principles: Explicit verification of all users and devices, least privilege access, and breach assumption.
    • Role-Based Management: Roles include CA Admin for full configuration, Policy Admin for policy management, and Auditor for monitoring metrics and logs.
    • Modular Components: Includes modules for managing policies, viewing authentication metrics, and configuring system properties.

    Benefits

    • Enhanced Security: Continuous verification helps quickly detect and respond to security threats.
    • Reduced Risk of Account Takeover: Limits unauthorized access even if session compromise occurs.

    Use Cases

    • Enforce re-authentication before granting access to sensitive or PII data.
    • Implement periodic re-authentication or step-up authentication using identity provider MFA or ServiceNow’s MFA.

    Next Steps for ServiceNow Customers

    • Install and license the Zero Trust - Continuous Authentication plugin to enable CA.
    • Assign elevated roles (caadmin, capolicyadmin, or caauditor) for managing and monitoring CA.
    • Create and customize CA policies aligned with your organization's zero trust security requirements.
    • Use CA metrics to monitor effectiveness and adjust policies as needed.

    ServiceNow's continuous authentication (CA) enables you to reverify and authenticate a user if they access resources that are protected by you.

    ServiceNow's continuous authentication is a security mechanism designed to verify a user's identity not just at the initial login, but throughout the user's entire session. CA is built on ServiceNow's zero trust access security architecture that aims to enhance security by ensuring that the user remains who they claim to be, even after the initial authentication process.

    CA works on the following zero trust access principles:

    • Verify explicitly: No implicit trust for any user, device, or system within a network, regardless of location. Every user and device must be explicitly authenticated and authorized, regardless of location or past access.
    • Use least privilege access: Grant only the minimum access or permissions needed to perform specific tasks and limit potential damage from compromised accounts or systems."
    • Assume breach: Instead of relying only on prevention, assume breach and focus on proactive detection, containment, and response.

    CA provides the ability to enforce step-up authentication or re-authentication based on the data users are accessing and activities they are performing​. It be opted by administrators for creating security policies at a table or data class level.

    You can enforce step-up authentication (MFA) or re-authentication (SSO - SAML or OIDC) within a logged-in session whenever there is an attempt by the user to access Personally Identifiable Information (PII) and sensitive data.

    Note:
    You must install the Zero Trust - Continuous Authentication (com.snc.zero_trust_continuous_authentication) for opting CA which requires a license.

    Benefits

    Following are the some of the benefits of using CA:

    • Enhanced Security: By continuously verifying the user's identity, the system can detect and respond to potential security threats more quickly.
    • Reduced Risk of Account Takeover: Even if an attacker gains access to a user's session, continuous authentication can help prevent them from accessing confidential data.

    Use cases

    Following are some of the use cases for using CA:

    • Enforce re-authentication before allowing access to sensitive data using different policies.
    • Enforce periodic re-authentication or step-up authentication using different policies:
      • Use re-authentication that can include IdP's MFA, IdP's SSO.
      • Use step up authentication with ServiceNow's MFA.

    Roles in CA

    CA has the following roles:

    • CA Admin (ca_admin): Ability to create, edit, and view CA policies. Configure CA properties and view dashboards (Metrics) of CA.
    • Policy Admin (ca_policy_admin): Ability to create, edit, and view CA policies..
    • Auditor (ca_auditor): Ability to view dashboards (Metrics) of CA. And policies, and logs of CA.

    To configure CA you must elevate your role to ca_admin and perform the policy configurations.

    Note:
    All these 3 roles are elevated roles.

    Modules in CA

    Following are the different modules within CA:

    • Policies: View the different continuous authentication policies that are created.
    • Metrics: View the different metrics for continuous authentication for KPI purposes and understand the usage of CA within your organization.
    • System Properties: Use system properties to enable and customize continuous authentication (CA) to meet your zero trust access security requirements.