ServiceNow adds enhanced AI with Orlando release

Nadeem Akhtar - 29th April 2020

With over 10 years’ experience at Engage ESM, most recently as a Solutions Architect, I keep up to date on industry best practice across all areas of ServiceNow and I’m specifically interested in how improved capabilities within the platform can help organizations in their strategic goals.

2020 will see the new ServiceNow Orlando release bring new functionality and refinements that will help customers make better decisions, solve more complex problems more quickly, and automate their work more efficiently.

The overall theme here is intelligence and, in this blog, I will cover key features in the release - specifically what the improvements to AI, machine learning, and natural language look like, what they mean for the platform, and ultimately how they improve the user experience.

Machine learning and natural language abilities in ServiceNow aren’t new to Orlando, in fact my colleague, James Morrisey, covered this topic when these innovations were first released in the New York release last year. Yet, it is important to recognize that Orlando isn’t just repackaging the same with a new badge, rather it is taking a significant step towards a more natural way of working. This is being achieved by consolidating, improving, and expanding the horizons of AI and continuing the journey to AI-as-a-Service.

Natural language understanding

Natural language understanding (NLU) is a major player in the Intelligence improvements, and with significant numbers of consumers regularly using smartphone speech-recognition technology or interacting via Siri, Google Assistant and Alexa (and Bixby if you swing that way), it’s only natural that this is a direction for ServiceNow to take too.

The previously mentioned blog summarized how NLU works and is implemented, but here’s a quick reminder:

The above all connect into an NLU model which defines how a user can communicate to a ServiceNow application.

Previously, each NLU model was specific to an application, and entities within a model were specific to an intent. Whereas the Orlando version gives users the option to leverage the NLU models and clone them to new applications and move entities to cross all intents within a model.

Besides, the users can now compare and test draft models against published ones, this means when creating or updating a model they can see how much of an improvement or deterioration changes to a model have caused.

Speaking of improvements to NLU models, the introduction of the PA NLU dashboards allows admins to track in real-time communications between users and ServiceNow, offering valuable insights not only to what is being asked but on how well the modeling is handling the user requests.

This all leads to a more natural and consistent experience when communicating with ServiceNow, which really helps when talking about one of the most powerful user experience improvements in Orlando, the Analytics Q&A.

Analytics Q&A

I should caveat this by saying that Analytics Q&A isn’t generally available just yet, but this could soon change how reporting is achieved through your organization.

Generally, reporting and analytics is an involved process that requires a deep understanding of data available and what is required - it is often a time-consuming task.

Imagine preparing for a management meeting. Even if the required data is available in ServiceNow you will still need to output multiple reports to cover numerous topics, and typically to further drill-down on specific data points will require more manual intervention, in turn slowing down decision making and the agility of an organization.

So, what is the solution here? Imagine you don’t have to waste valuable time generating many reports for a meeting but rather you bring your mobile device, then when the conversation swings to supplier performance you can easily bring up a relevant report simply by asking ServiceNow, “How many tickets are with our suppliers right now?” ServiceNow will respond with either a pre-defined report or dynamically create one for you, and leveraging the NLU and machine learning capabilities of Orlando you can even ask more exploratory questions such as, “What are the average change times for Supplier X services?”

The below example shows a manager asking very simple questions and in real-time getting relevant results in the formats that they need:


Orlando has brought to the market a good range of improvements and new features, the platform’s intelligence is very exciting and includes more than just analytics Q&A and NLU improvements, but also predictive intelligence which helps in triage and predicting trends. Also, these enhancements apply to the mobile side as well to mobile branding and mobile analytics which can change the way users view and use ServiceNow as a mobile experience.

This is a significant release that really consolidates and improves the platform baseline, in my opinion, Orlando is moving us to a more natural and intuitive way of working, utilizing the way we interact with technology at home to how we can interact with technology in the workplace, taking the monotony and tediousness out and replacing it with something more approachable.

In the second part of this blog I will explain the Orlando release enhancements for addressing the mobile workflows.

If you would like to find out more information on any of these features, please contact us here.


Virtual Agent in New York

James Morrisey - 5th November 2019


The New York release of ServiceNow has arrived and with it plenty of new features for customers to get their teeth into. In this post I’m going to focus on the latest advances for the Virtual Agent in New York, along with information on a recent implementation carried out by Engage ESM for a UK Bank and the benefits that this has brought to them.

The Virtual Agent is a conversational chat bot that provides user assistance through a messaging interface. This comes with out of the box conversations for ITSM, HR and CSM which is a great starting point for any customers looking to setup and get value from day one.

Natural Language Understanding

The biggest change in the New York release is the Natural Language Understanding (NLU) capabilities.

NLU models are setup to understand statements that a user might make during a conversation and relate those to a task to perform in ServiceNow. This works the same way as Alexa, Google and Siri when you ask, ‘What’s the weather like today?’ or ‘Can you tell me today’s forecast?’. They understand the intention of the user regardless of the statement and respond appropriately.

In ServiceNow we can use the following example to run through how this new functionality works. Our user Joe Bloggs hasn’t heard back from their recently raised ticket regarding an order for an Apple iPad 3. Joe could pose this question in a number of ways:


The Virtual Agent will use the trained model to understand that the intent of Joe is to ‘Check IT Ticket Status’ and trigger the flow of that conversation. But how does this work under the hood?

NLU has the following 3 step approach to understanding a request from a user and ensuring that the right action in ServiceNow is carried out as an output:

Let’s see this working in the following two screenshots through the chat interface:

You can see that despite the difference in statements made through the chat, the Virtual Agent understands that Joe wants to check his ticket status and provides him with the status of his order.

Why does this matter for customers though? This will reduce frustrations from end-users with Virtual Agent as it will understand the user’s intent much more frequently, making conversations more natural and quicker than ever before. As a result, this will reduce users asking to be routed to a live agent and increase self-service.

In addition, ServiceNow has also released an integration to IBM Watson which will provide the intents, entities, and utterances for the Virtual Agent conversations further reducing the chance that the Virtual Agent does not understand the intent of the end-user.

UK Bank Case Study

Engage ESM have recently completed an implementation of Virtual Agent for one of the big four UK banks. The implementation took around 90 days of effort which was a blended team from both Engage ESM and the customer.

Included in the setup were 33 topics including modifications to the out of the box topics for ITSM. As a result of the implementation the bank has seen the following results:

This has been one of the biggest successes of the year for the bank over a relatively short-term engagement bringing real value and freeing up the desk to work on tickets of a higher complexity.

Our lead consultant had the following thoughts on the overall project:

“Virtual Agent has shown to be a powerful tool for both the service desk and colleagues themselves. It frees up a service desks time by migrating many existing ‘repeatable conversations’ to a chatbot, while also reducing the time for colleagues to work their way through these conversations by providing instant responses. Virtual Agent is flexible in that it is not held back by any existing customizations a customer may have and has proven to, with a well-defined plan, allow for a fast implementation which provides benefits from day one.”

Final Thoughts

Customers will start to see real benefit in implementing Virtual Agent by reducing the number of low complexity tasks that come into the desk and allowing the Virtual Agent to drive self-service on the platform. It’s great to see the improvements coming from ServiceNow with a real focus on the end-user interactions and I look forward to seeing what’s to come in Orlando!

If you would like to find out more information on anything in this post, please contact us at

Baseline data in New York

Simon Austin - 16th October 2019
"You know it’s all about that base(line data)..."




“I’ll make a brand new start of it”

As we’ve come to expect from ServiceNow, the Now Platform New York release brings a wealth of new innovations (more than a pleasingly-sequential 678 of them) for us to explore, exploit and enjoy.

In this blog, I’ll discuss a couple of the data-centric features that I think will help Administrators and Developers to ‘do more’ with ‘less effort’ (or, more correctly, less effort to achieve your ‘what’, rather than fumbling with the ‘how’), so they can continue to concentrate on delivering customer value (rather than the necessary, but often under-appreciated, maintenance and stuff-that-needs-to-be-done-to-ensure-a-successful-development-environment activities).

Instance Data Replication (IDR)

“If I can make it there I’ll make it anywhere”

Imagine if you were able to test in your sub-production instances with ‘real’ (subject to the appropriate controls) data - how much easier would that make testing, both for yourself and your customers? No more worrying about generating test data sets; no more bamboozling your customers with abstract test configurations.

You could also (if appropriate) keep User, Group and other ‘platform’ information aligned to enable a consistent experience whether ‘testing in Test’ or ‘running in Production’. No more ‘XML import/export’ malarky to try and keep sys_ids in sync, so less of those ‘(empty), but I do know really’ references!

IDR allows you to securely replicate data from one instance to another, or to multiple instances (eg. Development and Test) should that be required. It could be as simple as ‘send the whole table’, but you can naturally filter for a subset of records and, if required, transform and redirect the data en route - plus execute Business Rules and Workflows once the data arrives.

There are some caveats, of course - instances must (at least for now) be in the same ServiceNow Data Centre and replication is ‘only’ triggered every 15 minutes (so it’s not a ‘live’ data synchronisation service). Seeding (initial setup or a data reset) also needs to be done ‘an instance at a time’ and is ‘limited’ to 3 million records. In this first version of IDR, you can only coalesce on sys_id - which is likely to be desirable but may preclude some use cases.

It does not seem possible (yet?) to enable IDR on Developer instances, but hopefully, we will soon be able to replicate data with our peers and take this exciting new functionality for a spin...

Outside of this, IDR could also be used to communicate with ‘external’ instances - for example sending tasks to a third party for action then consuming any updates from their side, leveraging this ‘in platform’ capability to remove the need for those sometimes complicated web services.

For a great presentation and video from CreatorCon 2019 discussing this in much further depth in the ServiceNow Community click here.

Remote tables

“I want to be a part of it”

Imagine if you were able to retrieve data from an external system, process it on the platform as if it were native and not have to worry about managing or maintaining the data in ServiceNow at all. That’s Remote Tables.

There’s all sorts of temporary data accessed across enterprise systems every day and yes, we could write an integration - but, you have to put that data somewhere. With Remote Tables, you don’t - but it still looks like you did! In addition, you still get standard GlideRecord functionality, dot-walking, scripting, plus normal behaviour in form and list views. It’s like an ‘always upto-date lookup table’ for data held externally, or perhaps a ‘created-on-the-fly context-specific report source’ for information to be presented in, for example, Agent Workspace.

It’s also possible to specify how long the data should be cached for before it is refreshed - you might allow contact details from a CRM system to remain valid for an hour, say, but refresh any contract entitlements every time. A table containing the ‘daily specials’ for the onsite canteen could remain ‘fresh’ for 24 hours.

Of course, we need to be aware of the performance impacts and cautious about the implementation - collection scripts run every time the table is accessed (caching aside) and the returned information lives in memory, so data sets need to be relatively compact. There's also a small bunch of development tools that need to be learnt and the implementation is relatively unguided (read: you need to write the script yourself from scratch). That said, once you have it up-and-running the table looks ‘just like everything else’ to other developers and users on the system.

ServiceNow’s Product Documentation includes further examples of where this might be useful and how to set it up.


“Start spreading the news”

Clearly these new features offer huge opportunities for enterprise data management within and without the Now Platform, helping to cement ServiceNow’s position as a ‘tool for everyone’ and the ‘go-to data consolidator’. Providing agents with concise, relevant and timely information will surely help elevate how useful, reliable and respected the tool will become.

One burning question though: do you bite the bullet and re-write existing implementations to simplify them with native capabilities now, hoping to avoid on-going maintenance costs in the future, or will these be ‘just another way’ of collecting data that needs to be supported alongside everything else?

As always, we’ll have to compare and contrast with our current configurations, but I for one am excited to see how these can help simplify our data management needs. Will it work in your environment?

“It’s up to you...”

The importance of learning and development

Jess Robinson - 16th October 2019

Remember the feeling you had during your very first driving lesson?

Sat in the driver’s seat, with a plethora of buttons to press, levers to pull, and pedals to push. But over time, with practice and (hopefully) a good teacher, it became such second-nature that you can now drive without even really thinking about it.

Now, imagine what would have happened if you’d had no lessons before getting on the road by yourself. If someone had just sat you in the car and said, “OK, all the tools are here - now drive!” You might have eventually figured out that you need to press down the clutch to change gear, or how to find the biting point - but it would have taken much, much longer, and you probably would have stalled a lot.

Managing Risk

That situation is exactly what happens when you put an IT tool in front of someone without explaining it. ServiceNow is a phenomenal tool with so much potential - but with potential comes the possibility of confusion. It’s a waste to sacrifice all the effort put into a successful implementation if the key end users don’t agree to the change and don’t end up using it to its full potential.

This risk can be lessened and almost eliminated in two key ways:

  • Configuring the tool to be as user-friendly and intuitive as possible
  • To communicate, teach, and assist the user until they are at ease with the tool

The first of these should be a primary focus of any development implementation; all too often, usability is sacrificed (either in place of functionality covering fringe cases, or work is directed to less useful areas).

The latter is an integral part of the change process to ensure uptake. As human beings, we hate change, so expecting uptake with no communication or adoption techniques is destined to fail. Communications and training is such a fundamental part of the process that should not be overlooked, and requires its own workshops and design.

Communication should be frequent without being overly so and should be given in a variety of methods most familiar to the impacted user - usually, this will be via email. It might also include social media updates, show-and-tells, drop-in sessions, flyers and posters, or announcements.

Helping people to learn their way

Training, like communications, should be varied to accommodate all types of learning. At Engage ESM, we have found great success with a three-pronged approach:

There are various competing theories around how people learn - it’s very much a personalised process for each company and each person affected. It will depend both on the individual’s personality, as well as their workload and whether any time has been set aside specifically for training. Because of this, it’s key to offer a wide variety of formats (also known as connectivism learning), including but not limited to:

  • Short documentation, e.g. Quick Reference Guides (QRGs) which can be converted to Knowledge Articles
  • Long documentation e.g. user manuals, step-by-step documents
  • Short videos, 5-10 minutes long, demonstrating the highlights of key aspects of the tool;
  • Long videos, usually recorded demonstrations
  • In-person training sessions, led by an experienced trainer, heavily focusing on show-and-tell;
  • Informal drop-in sessions, to ask quick questions about pain points or difficulties;
  • Presentation slides, for use after the training sessions;
  • Remote training sessions
  • Lab exercises or quizzes, to ensure information is retained.

With a combination of careful workshops at the beginning of the project, a usability focus, communications sent out throughout the project keeping users in the loop, and personalised training after implementation, the uptake of users can be increased dramatically - and the new driver will be gliding down the motorway in no time at all. 

Improve the security of your ServiceNow instance to expand to all business lines

Vincent Guiheneuc - 3rd September 2019

ServiceNow is a cloud provider with security at its heart. Its architecture is at the highest level of security by design, and it has been so since ServiceNow's launch in 2004. ServiceNow's emphasis on security meant that they could appeal to key decision makers such as CIO and CSOs; something not found in other cloud based solutions on the market today.

Even as a market leader, ServiceNow have created best practice guidelines to tighten security levels and provide solutions, helping to expand the platform for even the most sensitive and ever-changing organizations.

I will be highlighting some of the key principles that will be important across various enterprises. 

Complying with ServiceNow best practice in order to customize each instance 

ServiceNow gives detailed guidelines on all possibilities, it is for the administrator to find the relevant guideline to see if they are complying correctly. To check for compliance, the ServiceNow Product Owner should focus on the security compliance score; displayed on the Security Dashboard and easily accessible within the instance itself. One does not have to achieve necessarily 100% compliance - justified exceptions can exist - and the dashboard is a very efficient way of checking the instance security level and monitor all the various elements in one click. 

Implement ITOM specific securities 

To implement ServiceNow's ITOM suite, notably the Discovery and Orchestration modules (through IntegrationHub), ServiceNow requires server local admin credentials. Logically, Security Managers forbid sharing of credentials with third parties. How do we overcome this? A Privileged Access Management system. If this is not already in place, it must be installed and integrated with ServiceNow. The two world leaders, compatible of course with ServiceNow (distributed by Engage ESM), are CyberArk et BeyondTrust. Their respective integration is available from the ServiceNow store

98% of sensitive data is stored in attached files 

Sensitive and confidential data is stored in the attached files, found inside ServiceNow. Is it really 98%? The estimation is thought-provoking, and my guess is that the two other percent (some fields in the forms like IP addresses for instance) can be encrypted using the Edge Encryption solution of ServiceNow. For example, incident description or even requestor details are generally not confidential. However, a screenshot from an employee's mailbox can be confidential. Many organizations do not transfer such data through the internet (even in https), and even fewer choose to  host their datacenter in a public cloud (regardless of its level of security). Therefore, in order to expand the platform into banking or the health industry, we deployed an OnSiteFile solution (developed by Atlantic Puffin), in order to avoid any files to be sent outside the customer network, whilst retaining the advantages of ServiceNow's SaaS architecture. The files are simply hosted on a document management system such as SharePoint or Alfresco for instance. No file is trasmitted through the Internet, and so we reduce the risk of data leak by 98%.

As aforementioned, these points are only some to be considered. In addition, ServiceNow will build upon and improve platform security in the New York release, expected by the end of 2019.

ServiceNow - the strategic platform to automate cross-enterprise work

Vincent Guiheneuc - 4th June 2019

ServiceNow’s user event of the year, Knowledge 19, was held in Las Vegas earlier this month. Engage ESM were gold sponsors for the event; having involvement in panel and thought leadership slots throughout the conference. However, it was easy to be overwhelmed by the high volume of information made available to all 20,000 attendees. Therefore, I thought it would be useful to summarize Top 5 takeaways from the event. ServiceNow continues to improve the platform with more integrations, mobility and better AI.

Figure 1 – 'Only' 10,000 seats

Firstly, it is important to remember what the Madrid update currently offers. It was all about the platform across the enterprise at Knowledge 19, but its integration is key for it to be successful. The IntegrationHub is the not-so-secret secret service that enables ServiceNow integration with any other third-party tool. It will continue to improve month after month, they are made available on the ServiceNow store as soon as they are ready, and ServiceNow aims to have 200 standard spokes by the end of 2020. In the New York release, Domain Separation will be supported with IntegrationHub and new ServiceNow licenses will benefit from 1 million free transactions. With the new Flow-Designer in Madrid, Flow-Designer and IntegrationHub should be used as the preferred solution over the Workflow Editor for any third-party integration.


Figure 2 – IntegrationHub, a true iPaaS killer

In addition, new DevOps in Madrid is available with limited access. The idea is that ServiceNow should be the backbone of DevOps whilst integrating with Jira, Jenkins, etc. In a nutshell, it is all about change automation for dev with easy toolchain integration for DevOps. AI continues to be improved, especially with Alert Intelligence prioritizing alerts and providing more comprehensive insight and automatic remediation within the ITOM suite. Also, Database Encryption is available with the added advantage of having no impact on the user. It is an alternative to other security functions such as Edge Encryption.


Figure 3 – Alert Intelligence part of Event Management

Coming in New York

Following on from this, there was discussion around what to expect from New York in Q3 this year, especially around how it will bring value in user experience (UX). The Virtual Agent chatbot will support Natural Language Understanding (NLU) to identify the intent of the conversation with a no code model. It will also potentially be plugged into other external systems such as IBM Watson. As well as this, Dynamic Translation will also be a new feature, meaning real-time text translation powered by Microsoft or IBM translation. Indeed, as the strategic partnership announced between ServiceNow and Google, we can also anticipate that Google Translate could be available very soon. Interestingly, voice with Siri Shortcuts will be supported to open an incident.

Figure 4 – Dynamic Translation in New York

Regarding the upcoming New York release, there are two particular main features of the platform that should be focused upon. Firstly, in addition to the existing back end mobile app with offline mode, an employee mobile app will be released with the intention of the end users being able to use ServiceNow from anywhere. For example, it would mean a new HR employee would be able to use the app before joining an organization. The database will be 7 times faster compared to London, which should allow near real-time reporting even on larger tables. The second important feature is Instance Data Replication which will synchronize ServiceNow Production instances, it will not replace cloning but support partial data replication with no code. Data transformation will also be supported. To start with it will only support instances on the same client domain, Orlando will allow data replication between instances in the same datacenter.

Figure 5 – HR new employee app to upload data before day 1

Looking forward even further, ServiceNow started to share some content which may be released in the Orlando release (Q1 2020). They demonstrated one feature, Natural Language Query (NLQ) where a question in plain language, potentially even by voice with help of Siri, can return data in the form of values, lists or charts. In terms of User Interface (UI), ServiceNow is working on a new Guided App Creator Studio to make creation of apps even simpler. We should start to see some way of creating our own Workspace with a UI Builder.

For further information or to speak with an expert today, get in touch with the team here.

About Engage ESM

Engage ESM is an Atos company and Gold Sales and Services partner for ServiceNow globally; providing design, implementation, and support services to clients worldwide. Engage ESM is a leader in the enterprise-service management (ESM) sector, which includes IT, Customer Service, Security, and HR. Engage ESM helps organisations of all sizes to improve their operational performance and extend the value of existing investments in ServiceNow.

Atos is a leader in digital services with annual revenue of over €12 billion and 100,000 employees in 72 countries. Serving a global client base, Atos provides Consulting & Systems Integration services, Application Transformation Services, Managed Services, Cloud operations, Big Data & Cyber-security solutions, and transactional services through Worldline. Atos is also the Worldwide Information Technology Partner for the Olympic & Paralympic Games.

What’s new in Madrid?

James Morrisey - 10th May 2019

The recent release for ServiceNow (Madrid) introduces a vast number of new features to improve efficiencies throughout an organization. In this blog I’m going to talk about my top 5 new features in this release and how they can bring value to you as customers through specific focus on user experience.


Virtual Agent

In the latest release, ServiceNow have released 6 new out of the box topics for ITSM. These are:

  • Resolved Incident – Allows users with the itil role to resolve an incident through chat.
  • Update Change Request – Allows users with the itil role to update the actual start and end time for a change and change the state to work in progress or closed.
  • Identify Scheduled Changes – Allows users with the itil role to see a list of upcoming change requests based on the configuration item inputted into the chat.
  • Identify Available Change Windows – Can be used to find out when the next available change window is for a configuration item.
  • Create Problem – Allows the creation of problem records through chat.
  • Escalate IT Ticket – Users can raise the urgency of IT tickets for a faster resolution. 

It’s great to see more out of the box conversations and I’d like to see this trend continue in future releases. These conversations are a great way to reduce low complexity repetitive tasks within an organization. I was recently at a ServiceNow event where they were asking for ideas for new conversations to be added in future releases. Hopefully mine will make it into New York!


Mobile Studio

One of the most sought after features in Madrid is the new mobile studio. This lets fulfillers, managers and approvers quickly respond to tasks on the go. It provides a familiar user experience and the studio itself lets you build your own mobile apps. The ServiceNow agent app is available on the Google Play Store and the App Store. Out of the box ServiceNow have created three applications for Field Service, ITSM and Approvals.

The Mobile Studio lets you create additional applications with no-code packaged components and templates. In addition, ServiceNow have released an offline read and write capability that will update tickets when a user is back online.

I think there is a lot of potential for the new mobile app. It’s a significant improvement over the classic application and I would expect to see more applications built in releases to come.


Agent Workspace

The innovative agent workspace is a new experience for agents working on tickets and provides a modern user interface. The tabbing functionality makes switching between tickets seamless and all information required for an agent to work on the ticket is available in one consolidated view. 

Furthermore, the Agent Assist feature will pull out relevant content related to the ticket such as knowledge articles and catalogue items. If you are using Agent Intelligence, it will also alert you if the ticket you are working on is part of a recent influx of tickets that could suggest a major incident should be raised.

The user interface is configurable and comes with a guided setup. One of the things that struck me with the workspace is how quickly you can switch between tabs, update tickets and pull out relevant content.  

Agent Workspace is available for ITSM and CSM customers currently, it will be interesting to see what happens in future releases.


Document Viewer

Another improvement in Madrid is the release of the Document Viewer. This essentially lets users view PDF documents in ServiceNow rather than open these in separate applications. A nice addition that will save users from switching between ServiceNow and other third-party applications.

Instance Security Centre

New in Madrid the Instance Security Centre (‘ISC’) is a new portal available out of the box that monitors the compliance effectiveness within an instance. This will help customers to detect, protect and respond to any security events within the instance.

Once upgraded to Madrid the ISC is available out of the box and it comes with a guided tour setup to walk you through the features in detail.

The instance security centre has been introduced as a replacement for the instance security dashboard.


Final Thoughts

It’s great to see another huge release for ServiceNow, arguably one of the biggest to date with the introduction of the new mobile app and agent workspace. The focus on improving the user experience and efficiencies of the platform will help to further drive platform adoption and efficiency throughout organizations using the platform and I look forward to seeing what is to come in the next release.

If you would like to find out more information on any of these features, please contact us here.

Security at the forefront of your employee experiences

Richard Motteram - 6th May 2019

When running workshops for customers looking to implement HR Case Management, one of the topics that will always cause significant discussion and disagreement is around security. This is not simply security between the HR scoped application and the broader enterprise (ITSM, ITBM, SecOps etc) but security between Center of Excellences (COEs) and with HR for HR requirements.


Every customer is different, and this is certainly true when it comes to internal HR security specifically around employee relations and highly sensitive services such as disciplinaries. Due to the wide variety of requirements that we encounter, it is impossible to outline all the solutions to these individual business requirements.  I would like to outline a solution which we have presented and successfully implemented multiple times for various customers, both large and small, across a wide range industry verticals.

HR Case Stub Information

The default security model allows HR agent (those with sn_hr_core.basic) to access all cases across each COE.  Therefore, from a security point of view all HR Cases are treated the same:

This is often insufficient for internal HR departments and there are requirements to restrict HR employee relations cases from the rest of the COEs. However, the rest of the COEs should still know that a case exists should an employee contact them.  This results in a no-win situation: how can a HR agent see a case but not see a case?  The solution is that they can see only certain attributes of the case.  The stub case view, typical attributes include number, employee name, short description and HR Service.  This ensures that all confidential information remain hidden, even within HR departments that do not need to see this information.

So successful is this solution in its implementation, that customers often request to implement not just at COE level but also further into the Topic Category, Topic Detail and even HR Service level. 

For example - Only when the HR Service is Sexual Discrimination should the stub case be displayed to HR Agents who do not have the specialist training required to be assigned this type of case.

For more details on our bespoke security implementations and more detailed use cases feel free to contact us here.

Customer experience impacts your organization’s successes… and failures.

Vincent Guiheneuc - 19th November 2018

Today, as a typical consumer, when I buy a product or service my expectations are high. Get it right, and I will be a brand advocate, but get it wrong and even the smallest hiccup can turn a faultless experience into a disastrous one. It is no longer enough for organizations to target high customer satisfaction, they must provide a complete customer experience that intelligently predicts and then prevents issues occurring in the first place.

Quite the opposite happened to me recently.

When recently travelling back from the USA I realized my booking was incorrect. Instead of arriving at Charles de Gaulle Airport in the north of Paris, I would be landing in Orly Airport in the South.

I quickly contacted the airline at 2:09 AM in Europe via their Messenger service. But my response came at 11:42 AM, by which time I had already purchased another ticket! How can a worldwide service only operate within European business hours for support?


Expectations vs. Reality

The truth is we all expect a good standard of service to be available 24/7 and whether that is enabled by people or technology, we have much greater expectations than before. Subscription-based business models are now normal practice across huge swathes of the economy. From a Netflix subscription to buying a mobile phone, or even a car. The fact is these are no longer quick one-off purchases but ongoing relationships and as such the customer rightly demands more.

More efficient methods of empowering the customer are continuing to be developed and implemented. This is about unifying people, technology and process to deliver smarter and more efficient experiences.

It is vital that beyond basic customer engagement, an efficient Customer Service Management tool is put in place.

Firstly, everything must be customer-centric, this means empowering the customer and focusing on customer experience. It starts by facilitating the way the customer can request a service. It must be omni-channel, from a walk-up facility to a web-based service portal with a live chat.

Messenger, if it has an associated ChatBot, is not necessarily a bad idea. It can provide an instant automation capability to dialog with the customer. Based on AI, the ChatBot can converse with the customer and solve most common issues. A human agent should be there only for escalation, when the AI bot fails to solve a complex issue.

From my point of view, a great Service Portal should clearly present what is possible as well as being personalized to the customer to improve their user experience (UX).

To make the customer self-sufficient and achieve the prime objective to fix the issue at first contact, some features should be implemented such as:

  • A knowledge base (KB) to act as a self-service online library
  • A community where customers can help each other
  • A ChatBot solving issues while allowing smoothly the submission of a case if it fails

Even if I am not fond of this feature, supporting the customer through email can be enough if the customer management tool can identify and solve the issue. With the help of AI technology, automatic suggestions can be provided in near real-time to quicken this process.

Providing a walk-up feature with some queue management can achieve to offer a broad omnichannel customer experience. 


What are the benefits of having such a tool?

Customer Retention

Customer retention should be a prime objective which can be directly achieved by higher customer satisfaction levels. Whether you are measuring customer satisfaction through CSAT surveys or NPS or Customer Effort Score, it does not really matter as long this is being tracked and helps you improve.

Business Growth

Implementing a Customer Service Management tool allows for the absorption of a high number of requests, issues, and therefore let the business grow without limits on its scalability, which would be the case if the service was solely relying on a customer support team.

Improving Service

By gathering real time customer data, this can be used with some AI analysis to feed into the relevant team on where they can improve the service. In addition to this, ratings on the best knowledge articles will help the customer to become self-sufficient.

Employee Retention

Your employees do not want to be dealing with the same requests and complaints repeatedly. By using automation and making your customer self-sufficient, your employee can concentrate on more challenging issues or even change their role within the value chain.


What technology you should be using to implement efficient Customer Service Management?

Clearly, there are many choices on the market, from CRM suite (e.g. Salesforce) to product design (e.g. Jira). However, from personal experience and after many successful implementations, I recommend a ServiceNow Customer Service Management solution, as it is a great way to prioritize functional areas that really matter to you and your customers. This is most often seen where technology remains at the heart of the business. Core features such as SLA, CMDB, AI, Analytics can bring great value to the customer.

In conclusion, a great Customer Service Management tool will also increase customer perception – and perception is always key – this will enable you to provide a world class service.

1. Harvard Business Review

ServiceNow’s Jakarta presents ‘Trusted Circles’

Richard Briggs - 18th October 2017

This is the fourth and final part of our IT Security Operations series and first look into this new functionality within ServiceNow's Jakarta upgrade, if you have missed the previous blogs click here.

With the Trusted Circles subscription, each organization’s ServiceNow instance possesses the ability to share the latest observed threat intelligence information (e.g. suspicious activity observed on their network) and maintain up-to-date awareness of currently trending threats that have been witnessed and shared by others in the organization. 

This capability is achieved by communicating shared threat information via a central trusted circles ServiceNow instance.  Each organization has what’s known as their own unique ‘profile’ which governs what information they are willing to share and whom with; whether this is trusted peers only or posted anonymously to all other trusted circle subscribed ServiceNow customers.

I can see this may especially benefit government organizations, who provide essential public facing web services.  If such an organization is using ServiceNow and receiving live event data from multiple SIEM tools e.g. NIDS, HIDS and a DDoS protection device; e.g. Arbors APS and deep-dive network forensics tool - Arbor Spectrum; these would enable any observed offensive network activity to be shared at the customer’s discretion.

Lastly … Have any concerns?

How secure is my data on the cloud? Not to worry, ServiceNow offers best-in-class methods to keep your data secure; offering multiple secure methods for user authentication, data access-control, secure VPN access, EDGE data encryption, IP Access-lists for restricting comms to specific IP endpoints, even On-premise installations and many more security features are available.

I can’t do this all at once!  Do not worry, we are here to help you - you can incrementally roll-out support for new capabilities using the AGILE/SCRUM approach – all of our accredited ServiceNow consultants are well versed with this methodology and can merrily implement your requirements as stories according to your production timeline.  It is not unusual for ServiceNow to provide customers with a Dev, Test and Production instance that permits new changes to be implemented, tested, rolled-out and rolled-back in a controlled manner.

This was the final of our IT Security Operations instalments; if you have any questions in relation to this series or wish to find out more about us, feel free to contact us using the contact details below.

Configuration Management in CloudCenter: Ansible

Arthur Rimbun - 21st September 2017

In today’s increasingly complex IT infrastructure, a software product does not typically work as a standalone application. Companies – and large enterprises in particular – deploy IT systems that are complex and tightly integrated with one another, creating plenty of integration challenges as well as opportunities for automation.

CloudCenter is no exception. Being a platform that allows seamless deployment into many public and private clouds, it supports integration with many existing software that already exist in the market. An example was already covered in a previous blog post, which describes CloudCenter’s ability to integrate with configuration management tools, such as Puppet and Chef. Essentially, what this means is that IT infrastructure engineers can leverage their existing Puppet modules or Chef recipes to bootstrap virtual machines that are deployed using CloudCenter.

Ansible is another popular configuration management tool available in the market. While CloudCenter does not provide integration with Ansible out-of-the-box, it is fairly easy to write a custom script that allows a deployed virtual machine to be configured by an Ansible playbook. In the below tutorial, I shall walk you through the steps involved in setting up a basic virtual machine with an Ansible client installed. You can then use the installed Ansible client to execute any playbook – and thus configure the server – as you see fit. Hence, you get the best of both worlds: the elegance and ease-of-use of CloudCenter to orchestrate and manage your hybrid-cloud deployment, and the simplicity of Ansible to configure the deployed services. The following high-level diagram illustrates the workflow of Ansible in relation to CloudCenter.

The Ansible Service

CloudCenter comes pre-packaged with a set of common services that can be deployed straight into the cloud, such as the HAProxy load balancer, Tomcat web server, and MySQL database, among many others. CloudCenter also supports modelling all three as a 3-tier application profile, if you wish to do so. It also supports adding custom services. I have provided below a sample service code for installing Ansible client on CentOS and RedHat operating systems.


exec > >(tee -a /usr/local/osmosix/logs/service.log) 2>&1



  • /usr/local/osmosix/etc/userenv
  • $OSSVC_HOME/utils/
  • $OSSVC_HOME/utils/

installAnsibleClient() {

    yum clean all

    yum -y update

    yum -y install python-pip python-devel

    pip install --upgrade pip

    pip install ansible



    [ $exitCode -ne 0 ] && exit $exitCode

    echo "Install finished"


case $1 in





The script above is simple at its core: it installs PIP (Python package manager) and uses it to download and install the Ansible client on the virtual machine. Following standard CloudCenter new service addition procedure, the script should be placed in a file called service and packaged in an file. In the Agent Lifecycle Actions section, you will need to specify the path to the ZIP file and the “service install” command to execute the script during bootstrap. The screenshots below illustrate what the service looks like in the Add a New Service page in CloudCenter.

Figure 1: Virtual machine setting for Ansible service

Figure 2: Installation script setting for Ansible service. Note that this is being configured to read from Engage ESM’s S3 repository.

Save the newly created service, and that’s about it really! You will then be able to create a service profile that utilises this newly-created Ansible service, and point it to the location of the Ansible playbook you wish to execute. In a future post, I will walk through the steps of how you can use the Ansible service to install a Tomcat application using the publicly-available standalone Tomcat Ansible playbook.

Vulnerability Response in ServiceNow’s Jakarta Upgrade

Richard Briggs - 31st August 2017

This is the third part of our IT Security Operations series and first look into this new functionality within ServiceNow's Jakarta upgrade, if you have missed the previous blogs click here.

An essential application for maintaining up to date IT/Network security is using a Security Operations instance which can keep itself updated with the latest published vulnerability data (identifying known weaknesses in software/OS, exploitable by malware and other types of attack) using scheduled downloads from NIST’s Vulnerability Database (NVD).  Some related abbreviations that you may need to be aware of are;

  • CWE (Common Weakness Enumeration) – a common language of discourse for discussing, finding and dealing with the causes of software security vulnerabilities as they’re found in code, design, or system architecture. This applies to the vulnerability – not the instance within a product or system.
  • CVE (Common Vulnerability and Exposure) – a dictionary of publicly known information including security vulnerabilities and exposures. This applies to the specific instance within a product or system – not the underlying flaw.

I was pleased to learn that a ServiceNow integration for Tenable’s security center (arguably the most popular scanner used to identify vulnerabilities out there) is readily available from ServiceNow’s app store, enabling remote control via the ‘MID’ server option. This feature allows you to schedule vulnerability scans and import the results into ServiceNow, identified as ‘vulnerable items’ that clearly identify the ‘source’, ‘summary’, ‘threat’ and ‘solution’ for your security operations team. By doing so, this ensures a timely response for support teams to remediate the list of discovered ‘vulnerable items’ (as related to CWE’s and CVE’s) in order of priority! 

Threat Intelligence

This application provides your organization with an internal point of reference to support the analysis and sharing of cyber threat intelligence data defined using the STIX (Structured Threat Information eXpression) language - see  Sorry for yet another acronym, not one you’d normally hail on the street is TAXII (Trusted Automated Exchange of Indicator Information), a free and open transport mechanism that standardizes the automated exchange of cyber threat information. Click here for further information.

The term ‘STIX idiom’ is used to define an instance of threat intelligence for a specific use case e.g. an indicator for a malicious URL can be seen in the example below. If incoming event data matching this malicious URL is received by your instance, this information is at your disposal to help determine the next steps – whether this requires manual operator interaction or automated response using ServiceNow’s automation features.

That’s it for this week’s blog, next week I will be writing about the new 'Trusted Circles' functionality.

If you have any questions in relation to this blog post or wish to find out more about us, feel free to contact us on the links below.

Security Incident Response within ServiceNow’s Jakarta

Richard Briggs - 17th August 2017

This is the second instalment part of our IT Security Operations series and first look into this new functionality within their Jakarta upgrade, if you have missed the previous blog click here.

Within ServiceNow, Security Incident Response is Security Operations’ core application that works in unison with Vulnerability Response, Threat Intelligence and Trusted Circles. It also seamlessly integrates with ServiceNow’s traditional ITIL orientated components such as Event Management, CMDB, Change and Incident Management, Business Service Management and many more.

Looking at NIST’s security incident handling guide, the seven key stages (grouped into 4) of the Security Incident Response lifecycle are summarized into the following sections:


This stage is focused on establishing your organization’s current incident response capabilities, then taking the necessary preventative measures to ensure your systems, networks and applications are secure.

So how will ServiceNow Security Operations help you at this stage?

  • Keep detailed security team contact information up to date, and other essentials such as staff on-call rota, enabling webchat communication and sharing of information. Do you know which security SME to assign a specific category of Security Incident, is he on-call?
  • Streamlining your security incident processes. You can prepare by defining your own workflows to suit your organization’s documented security runbooks; these can be adapted based on the type of Attack Vector you need to prepare for. What process do I follow, what page in the manual was that?
  • Making users aware of currently trending threats. (See Threat Intelligence and Trusted Circles) Procedures to ensure users are adequately trained, with related knowledge based articles already looked up for you!
  • Maintaining pro-active security. By assigning and tracking the status of key preparation tasks such as risk assessments, vulnerability scans (See Vulnerability response), as well as patching carefully controlled using Change Management.  What vulnerabilities does this version of IOS running on my switch have?

Detection and Analysis (Identification)

These stages are probably the most interesting to me and now that you are prepared (or should be!), this is where fun starts!

Depending on the type of security related events that your entire army of SIEM tools (all feeding into your ServiceNow instance) are capable of detecting (and maybe even responding too if told to do so!); e.g. malware detected, DDoS on a Web service, phishing email, escalation of user privileges, the list is endless. Depending on which SIEM tools you have at your disposal, events received may be identified as either an incident indicator (i.e. incident may have occurred or is happening now e.g. malware detected!) or precursor (i.e. may lead to something bad happening in the future e.g. uninvited nmap port scans!).

So how will ServiceNow Security Operations help you with detection and analysis?

  • Provides enhanced event analytics capabilities and targeted response that supports the aggregation of received event data, RCA and filtering out unwanted noise.  This is achieved using ALERT and IMPACT rules; IMPACT Rules determine the magnitude of a potential outage on business-critical CI’s (or its relationships) and Services to set the appropriate severity.  ALERT rules govern the resulting ACTION to be invoked when defined alert(s) conditions have been met (e.g. Create a new security Incident, prioritized accordingly and populate it with the affected CMDB CI’s and any other related information, auto-assign it to the security SME, notify them via email/pager and start the SLA timer, if they don’t respond to incident within 10 minutes, escalate to their manager and give them a clip round the ear… maybe smile ).

  • Helps you understand the dependencies and relationships between your Systems, Applications, Network resources and critical Business Services.  What impact will this have on my business services if this system is infected with malware? CMDB, Business Service Modelling and Asset Management are there to help
  • Notify other trusted organizations what you’ve identified using Trusted Security Circles, you never know, your selected partner organizations haven’t observed this type of attack yet (or vice versa!).  Not forgetting valuable Threat Intelligence to provide up-to-date guidance.
  • Can assist with event data enrichment using web-service API’s with popular vendor COTS tools (i.e. get me further information about a targeted CI pronto! e.g. resolve that host IP to FQDN, what processes are running on this box?, do any reported process names match any known threat IoC (Indicators of Compromise)?, if so update the security incident with related threat KB articles) and escalate priority, notify other skilled SME’s.
  • Multiple informative dashboards are available, providing live feeds and current status of Security Incidents. This simple but handy features caught my eye, called ‘Task boards’ that enable security teams or even your CISO to see easy to interpret pictorial overview of what’s going on with your open security incidents.

Containment, Eradication and Recovery

These stages are especially important when it comes to combatting the effect of infections spread via malware/worms that propagates at warp speed between adjacent hosts that each have identical vulnerabilities (unless of course you are ahead of the game). Therefore, the faster you contain, the less damage (hopefully!) will have been done, but a full recovery can still take months.

So how will ServiceNow Security Operations help you with these stages?

  • Provide an intelligent automated response if needed using Orchestration (i.e. take things to the next level by initiating a remediation workflow which can comprise manual and/or fully automated suite of tasks using Security Incident Response Orchestration using scripts to contain the infection e.g. block outbound access to a malicious IP on your Palo Alto firewall, initiate shutdown of infected systems). If you haven’t had time to automate such tasks just yet, don’t worry - perform them manually as defined in workflows to ensure what you’ve done is reproducible…and potentially automate the next round.
  • Use ServiceNow’s central CMDB to reference your system’s DRP related material (not forgetting valuable CI to Service relations!) These features will assist your teams to contain and recover systems; achieved by following the affected CI(s) related baseline installation and configuration instructions, restoring the last system tape backup or maybe even using the powers of orchestration to do it for you using either puppet or chef to spin up a fresh new ‘uninfected’ virtual system instance (subject to approval of course).
  • Initiate other automated activities? Once you’ve restored the infected systems – how do you test them to ensure things are eventually back to normal?  Again, orchestration/ scripting can be executed to confirm things like – a servers processes running, initiating a Nessus scan to check if your recently restored devices vulnerabilities have been re-exposed (due to the last restored backup not containing a recently applied patch - oops!), or even using network service testing products such as NETSCOUT’s nGenius PULSE could come in handy.
  • Assistance with Evidence gathering and handling.  Throughout all the key security incident handling stages mentioned, all actions performed to detect, analyze, identify, contain, eradicate and recover from the security incident must be accurately captured. A comprehensive Security incident audit trail is recorded for you, to be used for post incident review activities, lessons learnt and for forensics evidence useful for legal proceedings.

Post Incident Activity

This is a very important stage where valuable lessons learned are called upon in group discussions to enlighten you, since unfortunately not all things go smoothly first time! Your organization might have conducted a penetration test to help your teams prepare for this first round (of many maybe!).  However, you were all probably on-site, in the control room, all monitoring your dashboards waiting for something to happen at 8pm on a Thursday (outside normal service hours), maybe with some observers watching your every move. By the way - this is a highly valuable exercise and I sure have learnt a lot from witnessing what a pre-arranged DDoS attack does to an enterprise network without adequate protection (and response)!

So how will ServiceNow Security Operations help you with post incident activity?

  • Automatically create post incident reports for discussion at lessons learned meetings that can be reviewed and edited before being published. These can contain a comprehensive audit trail of all events and activities performed. Especially useful for completing Incident handling check-lists.
  • Security Incident statistics monitoring and reporting, used to indicate the measures of success, including cost. How many and what type incidents of were created? How long did each team spend resolving incidents?, What was the average Incident response time? How many Incident SLA’s were met/exceeded? Which security teams or SME’s were the busiest? Have no fear, performance Analytics can assist you here!

  • Issuing dynamic post incident questionnaires to staff. This helps collect further information about specific security incidents (e.g. did you have sufficient knowledge of that malware/worm/trojan? Were you aware of similar attacks from that source IP before?)
  • Feedback post incident review to Threat Intelligence (e.g. do I need to write my own STIX idiom for that incident?), update related Knowledge Base articles and share with others.

Well that’s it for now! Join me for part 3, when I’ll be running through Vulnerability Response and Threat Intelligence.

If you have any questions in relation to this blog post or wish to find out more about us, feel free to contact us using the links below.

Feeding events into Security Operations in ServiceNow’s Jakarta

Richard Briggs - 8th August 2017

Welcome to the first instalment of our IT Security Operations blogs; with the release of ServiceNow’s latest upgrade Jakarta, I’m interested in the benefits that the new functionality offers our security conscious customers (hang on a second, aren’t we all more security conscious individuals in today’s evolving IoT; that’s plagued with botnets, infested by malware and trained black-hat hackers looking for some fun! I think a big YES is the answer to that – if it’s a no, then you should be!)

A personal note – we’ve probably all provided our parents with a few tips to help keep their home IT secure (My father is a 75 year old retiree who had no opportunity for IT training way back in the 1950’s). My favourite example was; “No DAD stop! Don’t log in to PAYPAL and change your password when you’ve received what appears to be a perfectly valid email” (as apparent to him), that looks completely suspect (to me, since I could see he was being directed to mistake to make when you have poor eyesight!). I avoided trying to explain the term ’phishing’ to him at that time seeing as it would only cause more confusion!

Anyway back on topic, time to convey the headline features of ServiceNow’s Security Operations that really grab my attention! The truth is there’s a whole host of new security related functionality in ServiceNow's Jakarta release that’s not only relevant to exisiting ServiceNow users but also for those organizations with existing Security Operations tools looking to up their game. In any case, I’ll give you my take on Jakarta by talking through some real examples…

Feeding Events into Security Operations

First task, I need to get events from my enterprise’s SIEM tools such as firewalls (e.g. Palo Alto), DDoS Protection (e.g. Arbor APS), event monitoring (e.g. Splunk, HP OMi) fed all the way up into my shiny new Security Operations instance hosted up in the cloud. This can be achieved with the Event Management application which offers a number of different methods; the most popular being a ‘MID’ server deployed on-premise that acts as a secure gateway.

The MID server supports a wide variety of event listeners; SNMP Trap, syslog and Web services; SOAP/RESTful, with many connectors readily available for popular tools like those mentioned above, and Microsoft SCOM, Tanium and Elastic may come in handy. Security Operations can also be called to action via inbound email notifications and IoT device (e.g. sensors, smart meters) ready connectors to Amazon AWS or Microsoft Azure.

Once your Security Operations instance starts receiving events, your ‘event rules’ are consulted to determine what automated action(s) it should take, such as transforming the raw event data contained within these events. to create meaningful Alerts for remediation and tracking.

Before we move on, I must admit that I like ServiceNow’s Alert timeline view, which is a very useful feature to add to my inventory. I’m pretty sure the person who devised this got the idea from the scrolling star wars movie prologue. smile

Right, you get the picture! I’ll stop there and next week we will move on to Security Incident Response.

If you have any questions in relation to this blog post or wish to find out more about us, feel free to contact us using the links below.

Cisco CloudCenter: Using ‘Let’s Encrypt’

Dimitrij Gorodeckij - 24th July 2017

Before Let's Encrypt was made available to webmasters, obtaining a certificate for https meant spending a fair sum of money through trusted certificate authorities to gain the ability to encrypt traffic for your website. Using a self-signed certificate will work, however in a web browser you always need to add an exception before opening a link and this does get annoying. In this article, I want to explain how easy is to use the Let's Encrypt SSL certificate with CloudCenter Manager instance web GUI.

Let's Encrypt has completely changed the process of adding a website certificate to your website. Not only have they made access to a certificate completely free, they've also made sure both the installation process and the ability to update your certificate is as simple as possible. This means website owners can offer the benefits of https to their site visitors, without the need to spend extra cash in doing so. This results in the the traffic going to any website using Let's Encrypt is, in essence, protected.

For a CCM that based on a Linux server (Centos7), for example, we can rely on the EFF's Certbot to install a Let's Encrypt certificate by simply copying and pasting a few lines of code. I will demonstrate below how easily this can be done. But, before we start, we need to have a domain name. If you don’t have one set up as of yet, you can register one for free with service provider Freenom.

Freenom provides DNS resolution and domains. As the second largest domain provider Freenom operates a large AnyCast infrastructure providing authoritative DNS services for TK, ML, GA, CF and GQ domains. This infrastructure is already in place and it's a no-brainer to offer also resolving DNS services on this large infrastructure for free. Freenom World's DNS resolvers are always close by and fast. 12 Months are free (later you can extend it for next 12 months for free again). Then select a suggested domain name for your CCM instance and point it to your instance's public IP. Changes will be in place in 30 minutes.

Once you have your domain topic sorted, let’s ssh to our CCM instance and install certbot:

yum -y update

yum -y install epel-release

yum install certbot

Once you have done this, you need to run it and provide the root folder of the web page (a check needs to be run in order to check that you are the owner of the domain and server with the associated IP address)

certbot certonly --webroot -w /usr/local/apache-tomcat-8.0.29/webapps/ROOT -d

Now we need to give permissions to the place where certs are saved:

chmod -R ugo+r /etc/letsencrypt/

After this, we need to edit our TomCat configuration files at this path:




with SSLCertificateFile="/etc/letsencrypt/live/ /fullchain.pem"

and replace SSLCertificateKeyFile="${catalina.base}/conf/ssl/"

with SSLCertificateKeyFile="/etc/letsencrypt/live/ /privkey.pem"

Let’s Encrypt provide a certificate for 3 months, after which you will need to renew them. It is recommended to add the following routine into cron:

crontab /etc/crontab
crontab -e
0    3  1  */3 * certbot renew –quiet

That’s all, after navigating to your domain, you should see that now its accessible under https:

If you would like to speak to our CloudCenter team, please get in touch with us here, or if you would like to request a demo then you can do so here.

Security Operations in Jakarta

Venetia Rook - 17th July 2017

The release of Jakarta, ServiceNow's latest upgrade, comes at a time when organizations are scrambling to find an appropriate solution to improve their security operations environment. Following over 300,000 computers infected by WannaCry last month, security is now the number one priority for organizations small and large. Engage ESM were asked to help with the testing stage of Jakarta and I was able to have an opportunity to experience the new features that it had to offer.

At Engage ESM we take our customers’ security very seriously, therefore we are bringing new Security Operations functionality in July with the Jakarta release of ServiceNow. In addition to more 3rd Party integrations, this release includes the launch of a new application built into Security Operations, called Trusted Security Circles.

Trusted Security Circles allow organizations to proactively and securely share threat intelligence in near real-time with suppliers, partners and peers.

The easily configurable, 3 key elements are:

  • Profiles
    Ranging from full anonymity to full disclosure, an organization can have different profiles within different Trusted Security Circles, choosing what level of organizational information they wish to share.
  • Policies
    Who can share or view profiles or information.
  • Shared Intelligence
    At a minimum, a list of 1 or more observables, the number of occurrences in an instance with a name and description.

An organization can quickly see if the threat they are experiencing is also happening to anyone else in their Trusted Circle, then depending on the nature of the threat, automatically create a security incident. ServiceNow can then manage related workflows, automation and orchestration to proactively block the incoming attack.

This is an exciting development and I can’t wait to start implementing the new Security Operations functionality with our customers, and as a Gold Services ServiceNow partner, Engage ESM is ideally placed to help. To learn more, get in touch with the Engage ESM team to organize a demo.


Cisco CloudCenter-Chef Integration

Arthur Rimbun - 10th July 2017

Cisco CloudCenter is a powerful tool that allows you to quickly profile applications that can be deployed in multiple cloud infrastructure. For example, if you want a web application running on the Apache web server and a MySQL database, you can model them as a two-tier application using CloudCenter’s powerful Topology Modeler.

Chef is a tool that automates the configuration of a virtual machine (VM). Arguably, the most powerful feature of Chef is the ability to specify the configuration of a VM (i.e. the Chef Client) in a form of cookbooks, which consist of a set of configuration files that can be version controlled and updated as necessary. Chef presents itself as an alternative to post-install scripts and provides a more defined structure of configuration files. Chef configuration files can be associated with a role and the role assigned to a VM (or a list of VMs) of choice. This allows organizations to achieve better scalability and agility through configuration automation.

A high-level illustration of the relationship between CloudCenter, Chef and a deployed VM is given below:

Figure 1: Diagram showing how CloudCenter integrates with Chef

Out of the box, CloudCenter supports deploying Chef Client as a service. By doing so, this results in the best of both worlds: a VM that is configurable by a set of Chef cookbooks – which you can either write yourself or download from the Chef community – with CloudCenter providing the visibility, management and a governance layer.

Using the Topology Modeler, you can create an application profile with a single VM containing Chef Client, as shown below:

Figure 2: Chef Client setting inside the Topology Modeler

Figure 2 shows a sample topology of a Chef Client, with the Chef application modeler in the middle canvas, and Chef parameters configuration on the right hand side. The breakdown for each of these parameters is given below.

Chef Server
This parameter allows you to specify which Chef Server you want to derive configuration files from. A list of Chef Servers may be configured internally in CloudCenter as External Repositories. In this example, the name of the particular Chef Server that CloudCenter will connect to is ChefServer12.
Note: CloudCenter only supports Chef Server v12 and above.

Chef Organization
The Chef organization name is internal to Chef and is configured in the Chef Server. In this example, the name of the organization is engage_esm.

Chef Environment
Chef cookbooks may be applied to a given list of environments and versioned accordingly. In this example, the production environment has been specified, so the VM will deploy with cookbook versions associated with the production environment.

Chef Run List
The Chef run list describes a serial execution plan of configuration for the VM. In this example, a single apache2 cookbook recipe has been provided, which will install the Apache web server on the VM.

CloudCenter supports a single recipe or a single role in the run list (i.e. “role”). In cases where multiple recipes are required to be executed in order, a role may be created in the Chef Server and the recipe list associated with the role.

If you would like to speak to our CloudCenter team, please get in touch with us here, or if you would like to request a demonstration then you can do so here.

The Importance of Security Operations

Roderick De Guzman - 8th May 2017

Organizations all over the world over are facing unprecedented risks from cyber-attack. Whether a basic phishing attempt or more sophisticated malware, attackers have become ever more resourceful and persistent in their efforts to disrupt individuals, organizations, and governments.

May 2017 saw security experts scrambling to contain the fallout from a major global ransomware attack that affected some of the world’s largest institutions and government agencies, including the National Health Service, FedEx and the Russian Interior Ministry.

Yet a common misconception is that only the largest of enterprises are targeted by hackers, in fact increasingly hackers are seeking a quick profit by taking aim at medium and smaller sized companies that are more vulnerable to attack.

Ransomware and methods originally developed for attacking larger enterprises with more sophisticated defences are being redeployed and used on those organizations a rung down on the ladder. Large enough to hold sensitive data and run complex IT systems but perhaps without the economies of scale to invest in sophisticated defences. Medium-sized enterprises are also likely to be large enough to afford a sizeable ransom.

Another major factor in the targeting of medium sized enterprises is that they may be less informed than larger organizations. As important as good virus and malware protection is, the best defence starts with keeping the organization and every individual within it, informed of the risks and given the tools to react to security threats proactively. How informed is your organization?

How an organization and its security teams share knowledge, identify, and then act on pertinent intelligence can make the difference between a business being crippled or carrying on business as usual.

At Engage ESM we take our customers’ security very seriously, therefore we are bringing new Security Operations functionality in July with the Jakarta release of ServiceNow. In addition to more 3rd Party integrations, this release includes the launch of a new application built into Security Operations, called Trusted Security Circles. These allow organizations to proactively and securely share threat intelligence in near real-time with suppliers, partners and peers (read our technical insight into Jakarta here).

This release is exciting for existing and prospective ServiceNow users and our consultants cannot wait to begin implementing the new Security Operations functionality with customers. As a Gold Services ServiceNow partner, Engage ESM is ideally placed to help. To learn more about this release and to organize a demonstration, please get in touch here.

Why Performance Analytics?

Venetia Rook - 1st December 2016

I had a great time at the NowForum and managed to attend a couple of interesting breakout sessions. I also had the opportunity to wax lyrical on the Engage ESM stand about my not so secret passion for Performance Analytics, but if you missed it my summary is below.

I’ve had better Christmas Presents!

My background with ServiceNow is as a customer. Having been part of the team that successfully implemented ServiceNow, there I was, leading the ITSM Reporting Team and struggling to provide the level of BI required. The team were constantly exporting data from ServiceNow and manipulating it in Excel for establishing trends and reporting against targets, then producing charts and copying them into various Word and Powerpoint documents every month. (Yes, I can feel you nodding along sympathetically).

My director at the time delighted in telling me he’d bought me Mirror42 for Christmas, which was a step in the right direction, but the situation dramatically improved when ServiceNow acquired Mirror42 and developed the in-platform Performance Analytics (PA) we have today.

Getting Started

To get you started with PA, ServiceNow provide you with a solid base, not just for Service Management, but across the platform. Out of the box content includes 50 dashboards, with supporting dimensions, reports and KPIs.

Focus on Processes

For me, the immediate objectives that I was able to meet were to make my reporting team more efficient and providing meaningful, reliable information.

The key benefit of PA though, is enabling the Process Owners to focus on process efficiency, using core components of the tool.

External Data? Of Course We Can!

Scoresheets provide a simple view of the scores collected for each indicator, along with their breakdowns, all neatly presented in their own pigeon-holes.

But if that wasn’t enough, you can also populate Manual Indicators directly into the Scoresheet (like an Excel spreadsheet) to bring in scores for data external to ServiceNow.

Want to report on 1st Line Fix Rate against Average Number of Calls? Enter the Service Desk call stats into the Scoresheet (or import using a Transform Map) and the data can now be used in any calculation.

Visualise the Data

Now you’ve got all this marvellous data, it’s time to present it so that everyone else can share in the bounty and, another plus for your reporting team, they can spend more time analysing trends rather than copying charts into those Word docs!

  • Scorecards - The CXO view on a page to visualise indicator trends.
  • Widgets - A veritable goody bag of chart types to choose from, ranging from the simple line chart to the colourful Bubble Chart and the ever effective Heat Map.
  • Dashboards - Finally, bring together the indicators in meaningful sections, the dynamic alternative to the monthly report. Being able to see performance throughout the month, gives you a chance to influence events before they potentially get worse.

Enhanced Operational Reporting

As an added bonus, PA also enhances your operational reporting capability, providing these two features:

1. Multiple Data Series
Visualise multiple queries in one chart, e.g. Incidents v Problems Created per Month.

2. User Interactivity
Enable users to apply filters on a Homepage to change the focus to their preference. Saves having to build lots of reports for different dimensions – your reporting team will love you!

Christmas Cracker

So, why Performance Analytics?

  • OOB content across the platform
  • Focus on continual process improvement
  • Accurate and timely metrics
  • Variety of visualisations
  • Include data from external sources
  • Enhance your operational reporting

Make your reporting team happy this Christmas and whilst you are starting your New Year health check, consider using PA to enable a far more effective New Year overhaul for your processes.

Embrace Open Source Monitoring With Me

Chris Tate - 14th September 2016

So after at least a couple of decades (my how time flies!) of learning, implementing, developing and maintaining monolithic enterprise solutions, the scales might have finally fallen from my eyes and I’m about to embrace open source monitoring principles.  I’m old school, not one of the cool kids, not part of the hipster gang (I can't grow a beard and I don’t like artisan pickles!), just an ordinary IT bod with a head full of passwords, regular expressions and the constant worry about which new software, system, language, standard and buzzword (they reel you in eventually!!!) I am going to have to learn.  So what has brought this head rush of lentil and craft beer infused delirium - in one word “Monitorama”.  This is the small conference dedicated all things monitoring and open source, with healthy doses of organisational and cognitive psychology and sociology (they have a code of conduct), statistics (yay! Zzzzzzzzzzz!), cute pigs in Oregon zoo and time series metric collections.  I know, the delirium is about to consume you too with those headliners, but stick with me…

So Chris, what’s the deal with open source stuff?

I’m glad you asked…

  1. It’s free
  2. It follows reductionist system principles
  3. It infinitely customisable
  4. There is a really great community to support you
  5. It puts you in the driving seat rather than the vendor
  6. Because it is component based, it is open and transparent

The commercial systems we know and love are like this:

Lovely exciting shiny systems that we can spend years honing and perfecting, only after time-served acceptance into the inner sanctum of vendor protected technical support and development labs do we start to see under the covers into exactly how it all works and usually this is on the back of fixing problems.  Don’t misunderstand me, this is a good thing, it creates work and generates revenue which fuels economies and drives development within those organisations.  So it’s a polished product with support and maintenance structures.  It’s what we have all bought into, and we have had successes and failures, things have been challenging in some respects not least because the bits that do stuff that we want are encapsulated inside the commercial shell, out of reach of the naughty IPR thieves.

But what if the cat gets out of the bag, what if we remove that shell, we might see something like this:

(Reproduced from “The Art of Monitoring” by James Turnbull © 2016)

Suddenly we can see what the moving parts are, we have a name for them, and we can see how they interact.  We have reduced the system to constituent parts, that are transparent to us, and we are back in the driving seat.  Ok, so now we have lots of things to support and maintain, and we don’t have the comfort of a nice expensive support and maintenance contract to help us sleep at night.  That is true, the open source monitoring is about rolling your own solution and supporting as a community for free, scary I know, but what if the fact that the components only did one job in the system, that’s easier to deal with perhaps.  And if you had written, and more importantly instrumented, that component yourself, then you'd know it like you know a chatty character you have written.  What about if you have disentangled the metric display system and you can use a dedicated rich palette to produce meaningful data display to your business leaders (see Grafana -, maybe we want to define schema and storage / retrieval for our data in our way (see ElasticSearch -  What about how and what we collect, surely we could define that for ourselves (see Collectd - and what about processing all that event information very fast in a structured coherent way that makes sense to our business (see Riemann -

We can start by simulating our transactional space to understand where best to place our collection methods (see Adrian Cockcroft’s SpiGo and the Simian Army -, we can start making on-call guys wear health monitors and include metrics on the effects of broken sleep patterns (no really, we can and people are!!).  With the open source component based paradigm we are limited by our imagining alone (and how much R&D time our employers will give us!!)

The list is endless, the combinations countless, yes we need to become part of the community to extract the most from it, but the level of engagement is on our terms and that is fine.  And yes there is an overhead to producing really great monitoring for our systems, but that is true with COTS as well.  And hey, because its free, you can build your open source solution alongside your COTS products to see if it is a benefit, you lose nothing but gain everything.  Go on give it a go!!!!

Monitorama 2016 videos can be found here.

SmartGlance – The Message Behind the Concept

Venetia Rook - 24th August 2016

It was one of those days, no time commitments, raining (for a change)… and I decided to catch up on the videos from Knowledge 16. It’s no secret that I’m not especially into all things tech, but the ServiceNow team provided an entertaining demo of this concept, that had a very strong message behind it. Well it got me interested, so I thought I’d share.

The Concept

Imagine unobtrusively monitoring one key metric on your wrist, using real time analytics that predict a potential future issue and raising an incident for your team to investigate and resolve before it actually becomes business critical. Welcome to SmartGlance.

The Story

An exec of a company is monitoring Customer Cases as his key metric. He’s on a date and knows it’s bad form to keep using his phone, but can get away with the odd glance at his watch. Quick caveat here, if it’s a first date, constantly looking at your watch, is not likely to lead to a long, happy relationship either!

Mr. Exec is alerted to an upwards trend in the number of customer cases being created that could become service impacting in the next 90 minutes. With a discreet tap of his finger, an incident is created for his Ops Team back at base.

Email? No thanks!

We’ve all got those email rules set up to channel emails to folders for future reading (that we never read) in a vain attempt to reduce the inbox clutter. Here’s an overview of the demo of the ways you can effectively and efficiently communicate using the power of the ServiceNow platform.

The Ops Director is on his laptop in the office. He invokes a Chat with his team to investigate the issue.

Back to the Exec who has excused himself and nipped off to check the Visual Task Board of Incidents by Urgency on his iPad. Aghast to see that his incident is Low he immediately moves it across to the High column. That should spur the team into action!

The Ops Team react to the virtual nudge and identifies the fix required (including a snazzy Orchestration demo to patch the affected devices). The Ops Director wisely decides to keep the boss informed, knowing that Connect will alert him on whatever device he’s using at the time.

The Exec pulls out his Android phone, accesses the ServiceNow app while his date is in the ladies and is now a happy bunny. Yes, there’s no excuse now for not keeping up to date with your business, the Android app is here.

A Quick Peek at Performance Analytics

Remember that alert the exec got?  This is using real time analytics, projecting trends from past data to predict a future event.

The Ops Director has a PA dashboard he uses and this includes a nifty new widget – the Geographical Heat Map. You can select from a range of maps, including the World, and from here you can drill down to more granular maps and finally to a list of cases for a specific town. Great visualisation to quickly focus on a geographical location and drill down to the underlying metadata.

Experience the Service Revolution

SmartGlance is a concept but the message is real. If you use a common platform to log issues, provide real time reports, analyse data, collaborate and communicate, the experience is far more efficient and service is greatly enhanced. Now, where can I get one of those watches?

The Rise and Rise of High Value Service Management Customer Experience Demand

Andy Spence - 11th May 2016

The Early Years

I started out my career in the early 1990’s as a desktop support analyst, working to support customers over the phone and face-to-face.This combination of a support analyst being able to provide a service by telephone, but also resolve a query or fix a problem face-to-face, quickly disappeared over the next few years as remote takeover tools and low-cost call centres became the norm.

The emphasis and reliance on service levels from a quantitative perspective became the big reality for a long period of time as the desire to drive down costs was the number one priority (ie average speed of answer, talk time, incident resolved or assigned to a group as quickly as possible).

As a Service Management Product Manager over the last two years, I have been exposed to the evolving market around end-user support, especially in the area of Service Desk and Field Service offerings. I take particular interest in the changes in expectation levels of higher service quality vs low cost offerings, and see an opportunity for all Service Providers and partners if they are able to embrace the shifting demands out there.

Changes Are Afoot!!!

Only very recently has the market started to see a change in attitude towards IT and Enterprise Service, where more organisations are looking to engage with a higher value customer experience for its staff, rather than the reactive, low cost models of the past. This shift confirms that priorities are changing, provided that the resulting employee satisfaction and business productivity reflects the investment.

Today, it is not uncommon for all contracted service levels to be green, but the end user satisfaction is low. This suggests there is a case for re-assessing the value of quantity-based service levels and moving to a more quality-based focus.

Don’t get me wrong, there is still a big market out there for the low cost type service model…..but the tide is changing.

As you will appreciate, much of the drive in this direction has come from the consumerisation of IT that we all experience in our daily lives. As the dividing line between personal and work-based technology has become increasingly blurred, that level of service and functionality needs to be replicated within the work environment.

For example, when we experience a slick service from an Apple Genius Bar or online with Amazon, we feel there is no reason why we should not experience that level of service from our employer and their suppliers.

What Is The Challenge?

The challenge today for some longer-standing service providers is how they try to move away from the historical low-cost IT service model and move into the expanding market that is “value add”.

Some could find it difficult to move into this arena because they are historically setup to cost and build the “budget / reactive” service that has served them well in the past. The existing contact management processes, people and relevant non-integrated tools may not be capable of moving to the full blown automated, proactive service that would set them apart in the developing Value Add market today. The result being they may need to invest heavily in setting up a brand new service, with people, process and tool cost implications before being able to compete.

There is also a danger that without a strong go-to market strategy, the service provider may start to lose its focus on its core services, by offering mixed, weak solutions that neither add value or quality, resulting in an ever increasing loss of market share.

The good news for the newer service providers and associated partners is that they seem to have a better starting position as they have less “historical baggage” with tonnes of flexibility, modern technology baseline and expertise to compete in this relatively new market.

Some of the value add elements that are becoming differentiators in end-user experience of services globally are:

  • Technical pit stops – where employees can walk up to ask questions, try new equipment etc.

  • Support staff who are not just trained to be technical, but also can sell the company and be customer service orientation
  • The use of gamification tools and IT forums to empower end user groups and motivate service provider staff.Bi-directional contact channel management tools that are fully integrated across the enterprise to allow proactive communication between service providers and end users.

  • Bi-directional contact channel management tools that are fully integrated across the enterprise to allow proactive communication between service providers and end users.

In Summary:

Service Providers and partners need to be tuned in to this developing demand and be market-ready to provide a high value offering that reflects the expectations of the consumer base today, and gives them a lead in grabbing the market share going forward. The key is listening and watching the market, whilst ensuring the investment in tools, people and process covers all bases that will allow the service provider to be ahead of its competitors in this value add space.

ServiceNow – Reporting for the Geneva Generation

Venetia Rook - 9th May 2016

There was a lively discussion at the April 2016 UK SNUG, on the Reporting & Performance Analytics table. It’s no secret that early adopters of ServiceNow have often been
frustrated by the lack of reporting functionality, compared to the riches offered throughout the rest of the platform! From the conversation around the table, it appeared that the goodies unveiled in the Geneva release may well have been overlooked, so welcome to Reporting for the Geneva Generation.

A Big Hello to 4 New Report Types


Single Score

Great for Homepages, just note that it doesn’t support any threshold colour changes. Well, you can’t have everything.


Heat Map
Heat Map

Heat Map

Just set the minimum and maximum colours and let the system do the rest. The legend can be toggled on/off as required.

Bubble Chart

In this example, the chart shows open incidents, priority v state. The aggregation within the bubble (grouping) is the reassignment count. Another handy feature that has been introduced (not just for this chart type I hasten to add) is the ability to have multiple groupings on 1 chart.

Fanfare, drum roll, flag waving, a personal favourite…at last…the Multi-Level Pivot.

Multiple rows and columns to slice and dice your data, with the added bonus of conditional formatting to highlight figures above set values and, as if that wasn’t enough, multiple ordered rules for this, so you can control which one fires first.

Performance Analytics Perks

As we know, Performance Analytics provides visibility of trends, targets, threshold warnings, service performance etc, etc, but the PA Plugin also gives a couple of added benefits to Operational Reporting:


Multiple Data Series

You can now visualise up to 5 data series on one chart, combining different chart types (Column, Line, Area, Spline) with different tables (e.g. Problem and Incident) and you can display results against the 2nd Y Axis.



User Interactivity

This is a cracking feature. Basically, you add filters to a page for the end users to apply themselves and as long as you have ticked the box on the widget to follow the filter, as if by magic, all of the charts on the page will reflect the filtered value(s). No more building lots of reports for different dimensions!


Icing on the Cake

  • Donuts can now be legend-free, with a big fat number in the centre and making use of the hover over for the breakdowns.
  • Choose your chart colour schemes from the palette or go wild and define your own.
  • Add reports directly to Homepages without the need to create gauges first.

So what are you still doing here? Time to dust off those KPIs and jazz up your reporting.

Reaching New Heights at the April 2016 UK SNUG

Ana Gaffney - 27th April 2016

We had a fantastic turnout at the latest SNUG held at RAF Cosford Museum on 26th April, and I am sure everyone was looking forward to the wide range of presentations and workshops.

The venue was stunning and it was great to be able to get so close to such amazing machines. Certainly there was plenty of photography going on!


We kicked off with a presentation from one of our customers - University of Liverpool and that certainly sparked a lot of conversation at the end of the presentation around Auto-assign.

Throughout the day there was also a Hackathon, facilitated by Simon Morris of ServiceNow.

Next was a new section for the agenda, Customer Sharing, where current users just informally share what they have been doing with other interested users. This was very popular and we hope to get more users happy to come and share the interesting things they have been doing in ServiceNow.



After lunch (and some great cakes!) we had our breakout sessions.

Gavin Palmer-Mills presented a very popular overview of his SIAM implementation at TNT, whilst at the same time CliQr discussed Vodafone’s Cloud Transformation. Those that did not fancy either of those were able to catch up with the Hackathon update.

After the Quarterly Patching update, we moved to the networking session, once again the topics had been selected by the SNUG committee as a result of feedback from the group to make sure members are getting access to the information they need.

We finished with the final Hackathon demo which had resulted in a nice little app. Someone commented that what had been achieved in 4 hours was better than they had achieved in severals weeks.

So a successful day, and a good opportunity for those that can’t make it into London to be able to participate in the User Group. We look forward to seeing as many of you as possible at the next SNUG.

IT Coming Out Of The Shadows

Rob Corradi - 15th April 2016

What is Shadow IT?

The term “Shadow IT” (aka “Rogue IT”) has broken from those shadows and become a mainstream phenomenon within the IT industry, but what is it?

To be clear let me state here and now two things that it most definitely is not:

  • It is not security breaches by external parties (e.g. the notorious use of Gh0st Rat)
  • It is not the use of the dark-web

Shadow IT starts, typically, with more innocent intentions. It is the use of IT provided from sources other than those that are provided or approved by the IT department of an organisation. It stems from the consumerisation of IT for home users, the frustration that these same users have with their work IT not providing the same level of service that they
obtain outside of work. This leads to the logical step of using that same home IT solution in the workplace. Many people will be prompted to ask “So what?”, after all it does not cost the IT department anything, nor do they have to support it. That’s a clear “win – win”.

If it were that simple then indeed it would be a win-win and it would certainly not have the name of “Shadow IT” attached to it!

Why Worry?

With the proliferation of “free” and easy-to-use cloud solutions to address technical challenges the situation can rapidly get out of control at a rate which has never been seen before. You will not be the first, nor alone, in finding that an individual has engaged in the use of a consumer cloud solution. They may have solved their immediate problem that could not be solved to their satisfaction by the corporate IT function, but without reading all the terms and conditions in the agreement (very few people ever do) they are likely to have also:

  • given up ownership of all the data that is being hosted by the cloud provider. This may mean that sensitive data, or data that forms part of a revenue generating product, is no longer within your control. The data in the consumer cloud solution now belongs to the cloud provider
  • not conducted the due diligence to ensure that any data, that is required to, remains within the correct geographical area.  European Data Protection directives impact where personal data may be held

With a recent survey by Frost & Sullivan suggesting that over 80% of employees use non-approved SaaS applications in their jobs, Shadow IT needs to be addressed in every organisation.

This is not a small problem either. A recent Cisco report discovered that companies are using up to 15 times more cloud services than CIOs were aware of or had authorised. Nor is a specific industry or geography exempt from the effects.

Of course all this costs money. The same report shows that the true cost of public cloud is 4 to 8 times higher than the cost from the private cloud provider.

So What Can The IT Department Do To Combat This?

A few things I can suggest are:

  • Discover the frustrations of staff that are causing them to ‘go outside’ the IT department and see what you can do to
  • Improve the lines of communication so staff know what systems are in place and the issues that these address
  • Educate employees on the dangers of unauthorised software/apps
  • Institute governance and develop a formal policy on BYOD and Shadow IT

Shadow IT is not going to disappear so it needs to be managed. It is an ever-evolving and moving creature. It changes as the trends of consumer IT change and is now an ever more mobile challenge, and BYOD further increases the challenges.

How Can We Help?

Engage ESM have been helping customers put governance around request and provisioning cloud infrastructure services using ServiceNow for a number of years. With the recently announced partnership with CliQr we now help put the same governance around the request, provision and billing of cloud apps as well. We can enable you to make your corporate IT more akin to the consumer experience that your users want.

To understand more please visit Cloud Brokerage

ServiceNow and the SIAM Model

Parik Narain - 23rd March 2016

The use of the SIAM framework has been gathering pace lately, so I thought I would cover exactly what SIAM is and how you can easily get ServiceNow to support this framework.

What is SIAM?

SIAM (Service Integration and Management) is a widely used service integration model within Government entities that is now being quickly adopted in the non-government sector. In essence it is a framework for managing multiple suppliers of IT Services. Similar to ITIL and Prince 2, SIAM was conceived and initially developed by the UK Government as a way for large government IT organisations to better manage and control multi-sourced operations.

SIAM is used to address the following potential pain points:

  • Lack of transparency or understanding of end-to-end service level performance
  • Reluctance of collaboration across suppliers, caused by unclear demarcation of responsibilities
  • Lack of innovation
  • Multiple costly change requests
  • Poor architectural integration
  • Labour-intensive reporting and/or lack of data
  • Cost reduction and simpler integration when suppliers use same system
  • Blame culture between multiple internal and external suppliers
  • Contractual constraints hinder agility

The type of organisations that benefit the most are those with a large number of suppliers to who they send and receive data, such as logistics or manufacturing companies. But there are those organisations whose very products are based on the provision and use of third party data, such as finance, gambling, media & information companies, who can gain huge benefits from the implementation of SIAM.

Benefits of SIAM

SIAM offers the following benefits:

  • A more affordable, competitive, flexible and agile IT supply chain
  • Improved ability to govern, assure and deliver IT services
  • Enhanced IT to Business alignment leading to increased innovation
  • Improved speed of response to business requirements whilst regulating supply and demand
  • Opportunity to broaden the portfolio of services available to the organisation
  • Access to technology specialists with additional resources readily available
  • Greater agility and decreased time to market
  • Cost reduction due to supplier competition
  • Single point of contact for the delivery of integrated services

How does SIAM work?

Figure 1: SIAM Specific Services
Figure 1: SIAM Specific Services


How Do You Get The Best From SIAM?


To get the most effective SIAM model you need the following:

  • Clearly defined requirements for critical and non-critical services eg non-critical services support could be in-house whereas mission critical services may require a more integrated service model
  • Service integration arrangements, which focus on Service performance, availability and based service arrangements, instead of just a supplier’s commercial perspective
  • Service integration based on complexity of service
  • Focus on interoperability to enable seamless workflow, performance and service management

The Service Integration should look like this:

Figure 2: Integration Model (
Figure 2: Integration Model (

Core SIAM Services also includes the provision of Integrated ITSM tooling providing interface and data policies and standards that facilitate all Service Provider feeds into a central data hub, with full communications exchange to enable SIAM to manage the end-to-end service in real time.

Based on a department, the service integration design may differ. It can be completely operated in-house (Retained SIAM) or Outsourced where the key service operation is managed by a supplier.

e.g There may be multiple supplier (Service Integrator) Service Desks (Towers) responsible for service operations or a single in-house desk for the same.

How Does ServiceNow Work With SIAM?

As we all know, ServiceNow supports ITILv3 processes compliant out-of-the-box and can comply with SIAM with just a few tweaks.

There are a few key process areas that need to be modified:

  • Task Based Incident Management
  • Incident Interfaces
  • Request Management

So if you are already utilising the ServiceNow platform for your internal ‘suppliers’, minimal effort will allow you to capitalise on the power of ServiceNow to manage your external suppliers as well.


The customer in control of their Cloud IT? Who would have thought it?

Andy Fleck - 29th January 2016

App is King:

As part of my role at Innovise ESM, I am always looking for emerging technologies many of which extend the ServiceNow platform, and as such I’m always on the lookout for the next big industry trend. You may not have heard the name yet but CliQr has a very good shot at being the next big disruptive technology player in town. But more of CliQr later. First a little history and some context…

I work with vendors and partners large and small, but in this this ever changing competitive landscape, one constant today is the power of the software application. And now with mobile devices running that software, power is truly being placed in the hands of users in way that was unthinkable just a short number of years ago.

Many organisations and individuals in IT are therefore rather unsurprisingly, reducing the amount of time and resources spent on infrastructure as a way of focusing best effort on applications. An increasingly common approach is to leverage SaaS (Software as a Service) applications where possible and move both new and existing applications to public cloud IaaS (Infrastructure as a Service) and PaaS (Platform as a Service) as appropriate.

Hybrid Cloud 2.0

One consequence of this new world order is that architects and developers have experience with application deployments across multiple cloud environments. Enterprise IT organisations often work with multiple public and private clouds and as such some are on their 2nd or 3rd iteration of their cloud strategy. The increasingly prevalent view is that multiple clouds alongside hybrid cloud offers the best combination of speed and flexibility – and crucially, supports the role of IT as a strategic partner within the business.

However, this explosion in complexity and architectural options when deploying applications in various cloud environments creates a real challenge. Not all clouds are created equal and as a result both developers and IT professionals must learn the specifics and nuances of each environment. Precious time can be wasted working across different environments, whether AWS, VMware or Rackspace, all require specific support to enable and support applications.

The end result is that scarce resource is once again taken away from the application, the critical touch point between the technology and the customer, and wasted on the supporting infrastructure.

Application Abstraction

How many people in your IT organisation really required deep Linux kernel knowledge? Not many I bet. Red Hat does a fantastic job with Red Hat Enterprise Linux and they also provide excellent support to those that might have to go in knee deep with kernel level questions and issues.

This vision of abstracting the application from the technology is the philosophy at the heart of CliQr. What CliQr has done is develop a hybrid cloud management platform that abstracts the underlying cloud technology, APIs and deployment specifics away from those that develop and support applications.

It will now be possible for architects and developers to build and deploy applications across multiple public, private and hybrid clouds, without them having to maintain a deep technical knowledge of each. IT will now have the power to manage and maintain a portfolio of enterprise applications across environments without requiring, say separate AWS and VMware teams.

So once again, the IT organisation will be able to focus on adding value to the business, rather than on underlying technical aspects – which don’t directly add value. Which of course, is as it should be.

Cloud Brokerage

Look out for a follow-up blog where I’ll share more details of the CliQr infrastructure. But in a sentence the secret sauce in the mix is an orchestrator installed in each target environment (so say AWS or Rackspace) that manages the application deployment and ongoing interaction with the underlying technology. This orchestrator is continually updated by CliQr with the net result that it just works.

This means the customer can take full advantage of the latest services offered by each cloud vendor and simply deploy to the target environment - without any detailed technical knowledge of the specific cloud provider being utilized.

Also of note, is that cloud vendors vary enormously in terms of cost and quality of service, but often organisations will find it problematic to seamlessly move workloads from one environment to another. With CliQr whether migrating applications, augmenting capacity, offering IT as a Service or driving down cloud procurement costs. Problem solved.

In a word or two. Clever stuff. But what’s really key here is this marks a much needed step change – as for far too long customers have been at the mercy of the large cloud providers. But perhaps if CliQr has any say in matters, the status quo is about to change. The customer in control of their Cloud IT? Who would have thought it?

Learn more about how Engage ESM is working with CliQr.

ServiceNow - Managing Your Environment

Venetia Rook - 13th January 2016

Those of us who have ever worked in large offices have no doubt all been guilty of thinking our office moves, cleaning and availability of paper for the printer happens by magic. In fact, the smooth running of our environment is controlled by Facilities Management (FM) which, along with Property Management, continues to evolve as businesses realise the need to understand the space they have and how it is being utilised. With the Geneva release, ServiceNow offer some major features/enhancements to support this area of Service Management, significantly increasing the platform’s potential.


Space Management

A key new concept is Space Management. Buildings are now included as Assets, so the CFO will easily be able to have a view of costings (e.g leases). Spaces extend from the Location table because this is referenced throughout ServiceNow and is not restricted to rooms; it can be anything from a gym, to a table or even a parking space.

The main benefit is the ability to flag the space as occupiable (after all, you wouldn’t want to seat your new starter in the Ladies Toilet, now would you?), define the maximum users for the space, allocate people to them (primary space and any other place they may have at their disposal) and then roll up the occupancy percentage by level/floor (oh yes, we don’t just have floors now, remember the outside parking spaces!), building and overall company. The FM team (and the ever so grateful CFO) can now understand the space they have and how efficiently it is being utilised.

Zoning In On Groups

If that wasn’t enough to whet your appetite, we also now have logical groupings of spaces called Zones. These can be departments (it’s not always possible to seat everyone in one area), cover multiple buildings, or most usefully (with my IT Service Management hat on) show spaces that get their network access from a specific WiFi access point. I know you’re way ahead of me here, but this is a really good example of Enterprise Service Management in practice, not just the sales speak! IT know there is an incident affecting that WiFi point and FM know where, and crucially who, is affected. Simple, but oh so effective.

And Last But Not Least

In true showcase fashion, I’ve left the best ‘til last – the new and ever so snazzy interactive Floor Plan Viewer. (N.B. Legacy floor plans can be migrated to this new feature).

People can easily locate rooms and colleagues using the self service capability, and this really helps the FM team manage spaces, requests and tasks and supports the other new feature, the workflow-driven employee Move application.

The maps use GPS co-ordinates and ServiceNow have partnered with Micello, experts increating GeoJSON maps (that’s the techie bit). There are icons so you can easily spot the Fire Extinguishers and the ever so useful bathroom facilities, information can be updated from the map and if you are a member of the FM team, you can identify the tasks assigned to you and see where they are located.

The Geneva release is the start for building out this area of Service Management, so Watch This Space!

For more information on how Engage ESM can help you implement ServiceNow in Facilities Management, please contact us.

The ServiceNow Geneva upgrade is here!

Jess Robinson - 15th December 2015

It’s an exciting time in the world of ServiceNow – the Geneva upgrade is finally here!

Development Improvements

From the development side, one of the new additions we’re very excited about over here at Innovise ESM is the new scripting IDE. Scripting is such a powerful tool in ServiceNow, and up until now, developers have had to use third party word editors such as Notepad++ or Sublime Text if we wanted extra features, such as syntax highlighting. With the new integrated development environment in ServiceNow, we can spend less time copying and pasting, and more time coding!

One of the tools included in this is the new auto-completion feature (see below). No more frantically searching the ServiceNow Wiki APIs to try and find exactly which function will do what you want – they now appear in a handy list, along with a short description.








The UI has been overhauled for Geneva too, which brings a whole new look and feel to the service. New themes, icons, and design means that the system is more customisable than ever before.


The Knowledge feature is one that is fast becoming invaluable to businesses, as it fosters self-learning and quick access to common questions. Geneva brings with it a new format for knowledge, Social Q&A. Popularised by many websites including Reddit, StackExchange, and Quora, this means that users can ask any question, with correct and/or helpful answers rising to the top of the answer list via votes.

This innovative and familiar system minimises editing and checking by the Knowledge team, as the voting system self-regulates, with unhelpful or wrong answers sinking to the bottom of the page. The question owner can also “accept” an answer, which will instantly place it at the top of the page (right below the question). The Social Q&A feature slots in seamlessly alongside other types of knowledge article, meaning it can be searched, categorised and tagged.


Another plug-in that has been improved upon massively with the Geneva upgrade is the new version of Notify. By collaborating with Twilio, it’s now easy to send text messages and set up calls when certain events happen – all using the intuitive Workflow design. For example, you can set up a conference call with key stakeholders when a high-priority incident occurs, or you can notify users via text with their change update. With the capability to also notify users via Apple Watch, the opportunities for integration just keep getting better.

There’s bound to be more progress that can be made, bugs to be found, and new challenges to be faced – but for now, Geneva is a great improvement and expands the boundaries even further of what ServiceNow can offer.

For more information on how we can help you upgrade please contact us.

Accelerate into 2016 with ServiceNow!

Ana Gaffney - 10th December 2015

So 8th December saw another AccelerateNow, the exclusive event for ServiceNow customers. We had a lovely venue at Grange St Paul’s Hotel – greatly helped by the unexpected December sunshine.

There was an excellent turnout of nearly 50 customers, keen to hear from a variety of ServiceNow speakers.

We started with a recap of some of the main points from the NowForum from Cliff Davies. Neil McGowen, Enterprise Strategist, then covered driving SN into other areas of the business. He raised some interesting points about taking a step back and looking at why we are in business in the first place. Businesses are looking for return on capital, increase in shareholder value etc. So how do businesses achieve this? It is through growth, productivity and risk management. And this is where ServiceNow can help.

ServiceNow does not just provide a single, tactical solution. It provides a platform that allows you to deliver service across the organisation, not matter what that service is or where it is. This drive towards operational excellence promotes growth, increases productivity and efficiency, and provides risk management and governance.

Then after a short break for refreshments, we were all excited to hear about what will be coming in the Geneva upgrade……. but that’s for another blog.

AccelerateNow runs regularly throughout the year with different agenda items – if you are interested in registering your interest for the next one please click here.

Or click here for more information on how Engage ESM can help you extend your ServiceNow platform throughout your enterprise.

Why ITIL is all about the Four P’s

Tuuli Bell - 1st April 2014

Recent customer conversations have inspired me to discuss ITIL (IT Infrastructure Library), the main framework of ITSM. For those who are new to ITIL; it is a best practice, based on years' experience and advice from the industry leaders. It has established a “Four P's” approach to ITSM: People, Process, Products and Partners; which I will talk about in this post.

Recently I was leading a workshop which changed from a purely technical requirement capture session into a discussion about processes; people's (perceived) behaviour within the processes; followed by sharing thoughts and ideas about process enhancement requirements. Only after this very valuable discussion could we proceed to the technology, which ended up being the easy bit — as is often the case.

On another occasion, while I was presenting a product demo, instead of going straight to the technical detail, I took a moment to gauge the current state of the customer's processes — this steered the discussion towards process definition and its importance over a product.

ITIL rightly suggest that all four P's are essential. A line of code (Product) gives a known output with a known input. People add an unknown component to the Process; the output can be made more predictable with workshops and an aligned User  Adoption program, enabled by Partners and supported by the right technology.

Even the most complex technologies are often simpler than the human mind; as in the previous examples. A computer program runs as reliably as it has been programmed to run, and the output is predictable with known inputs. However, people with different learning and personality types tackle problems differently, resulting in unpredictable process outputs. Ideally, an ITSM system or a workflow should be designed for and with the end users, bringing the four P's together.

8 Reasons Why You Should Adopt ITIL

One of the first questions on any subject is ‘why’ rather than ‘what’. With this in mind I collated my list of why you should adopt ITIL

  1. 1. ITIL helps you succeed.
    • In ITIL’s own terminology, it delivers value to you, the business, and functions of the business. Value is a broad term but concise in defining an indisputably positive outcome.
  2. ITIL makes you think ‘business’.
    • ITIL bridges the gap between IT and the Business. To put it simply, Business and its IT function have a “different view of the world” as shown in the figure below. This difference in perception can create unwanted tension. ITIL bridges the gap by bringing the Business closer to IT and vice versa through defining and delivering value to each stakeholder.

Figure 1: The Business and its IT function have a “different view of the world”. This perception of the other can create tension in the relationship. ITIL bridges the gap by bringing the Business closer to IT and vice versa through defining and delivering value to each stakeholder.
  1. You can review your current state, set goals and action
    • Continual Service Improvement is one of the key elements of ITIL. It not only lets you take a step back and develop the framework and adoption; but also gives you a means of viewing the business from a different angle. Listen to your colleagues, maybe run a survey, and suddenly you might be doing knowledge management, too!
  2. You decide
    • ITIL is a guide only, it is there for you to refer to and help you. Ultimately it is up to you how, why and which aspects of ITIL you adopt.
  3. ITIL can integrate
    • Other frameworks such as Six Sigma, Cobit, and SIAM link up to flexible ITIL.
  4. You get support and resources
    • ITIL is widely accepted and adapted, and has a strong support network. You will have plenty of resources from KPI libraries and Process maps to user forums, professional institutions and partner support channels.
  5. Your imagination is your limit
    • ITIL can be adapted outside of IT, with examples from CERN to HR.
  6. You can influence the future of ITIL
    • ITIL is a community-driven framework, and if you have found improves in the use or adoption of it, share it with the community. AXELOS (who acquired ITIL and other frameworks in 2013) are keen to listen to other practitioners in the field.

So How Has The Acquisition by AXELOS Helped?

The current mantra of AXELOS is that ITIL is now free from government constrains which can lead to three major improvements:

  1. Thinking global and local
    • ITIL has roots in the UK but since its conception has established as a globally renowned framework. There are future plans to better address cultural and linguistic differences around the world to create a more global ITIL framework.
  2. Community-driven
    • As part of the refurbished ITIL programme, any changes to the core framework would be driven and supported by an experienced ITSM community.
  3. Finding the focus of ITIL
    • ITIL is, and will remain, the main framework of ITSM; but it is hard to deny the ITSM boundary is changing. We have all seen the recent emergence of ESM (Enterprise Service Management) – Service Management for the entire enterprise, not just IT.

“Excel” with ServiceNow Advanced Reports - part 3

Krishna Koneru - 20th August 2013

This is the third and final blog on how to use ServiceNow ODBC drivers for Excel reporting. The first blog was a general overview, and the second blog about how to install and configure the driver. In this blog I will show you how to import data from ServiceNow to Excel  using the ODBC driver.

Build Microsoft Query

1. First, we will need to build a MS Query to be able to use the ServiceNow ODBC Driver as a data source provider in Excel. I’m using MS 2010.


2. Select ‘ServiceNow’ as your data source, un-tick  ‘Use the query wizard to create/edit queries’ and click on OK.

3. Enter your login details as shown in the example screen shot below and click OK.

4. From ‘Add tables’ window, select data tables (e.g. contract_sla, task_sla and incident) and click on Add button. Now we will see three tables that we selected in the query pane.

5. Click on close button in the ‘Add Query’ window to close it.

Select data

Then, select the data that you would like to create into a table:

1. Create joins (similar to Database views on ServiceNow) where needed - you can see a line between these two tables.

2. Enable filter pane by clicking on  filter button (e.g. to pull only this year’s data).

3. Select fields from the selected tables as required adding them as table columns.Note: To see display values for reference fields and list fields, use fields that have a prefix of ‘dv_’ to field name. For example, to have priority as a column instead of ‘incident.priority’ use ‘incident.dv_priority’.

4. If you want to save this query then click on File > Save As. If you want to run this query and load data into excel, then File > Return Data to Microsoft Excel.

Create a (Pivot) table from the selected data

Finally, let’s create a table from ServiceNow data. In this example, I will show how to create a Pivot Chart but you may have other requirements; Excel has a huge amount of options for various graphs OOTB.

1. Show the data in a table as shown below and click OK.

2. Create this into a Pivot Table in new sheet. Insert > Pivot Table > Pivot Table


3. Then, select the table range, select New Worksheet and click OK.

4. Drag and drop the fields into the pivot boxes of Report filter, column and row labels and values.

5. In this example, we convert the count values to percentage by placing the cursor inside the pivot table, Pivot table tools > Options > Show Values As > % of Parent Row Totals. This is a handy tool when you want to compare the numbers quickly.

6. Finally, remove grand and sub totals to make report look cleaner and neat!

A pivot table in Excel, created with data from ServiceNow utilising an ODBC driver.

As mentioned in my first blog, you can now share this report; the data can be updated by those with access to ServiceNow only.


The Wiki page is useful source of information on using ODBC Driver in Excel.

“Excel” with ServiceNow Advanced Reports - part 2

Krishna Koneru - 8th August 2013

In my previous blog, I wrote about ODBC drivers and how to use them.  Here I will show the first part of the installation; how to install and configure the ServiceNow ODBC driver on your system.  Make sure you have read the other blog first.

Before you download the driver we need to decide which version (32-bit or 64-bit) of the ODBC Driver to download. This based upon your system and the reporting Application (in my example this is Excel) that you are going to use for building reports.

Choosing the right ServiceNow ODBC Driver

ServiceNow offers 32-bit and 64-bit ServiceNow ODBC executable files. Use the below matrix table to know which bit of ServiceNow ODBC driver is suitable for you.


32-bit ServiceNow ODBC Driver

64-bit ServiceNow ODBC Driver

32-bit Windows system and 32-bit Reporting Application

64-bit Windows system and 64-bit Reporting Application

64-bit Windows system and 32-bit Reporting Application

Generally, most of the systems will be having a 32-bit type Excel, even on 64-bit Windows systems, so you will most likely need the 32-bit ServiceNow ODBC Driver.

Download and Install ServiceNow ODBC Driver:

Go to the page and look at Section 6: Installation. There you will have a link to download the 32-bit ServiceNow ODBC Driver executable file.

Before installing the downloaded ODBC executable file make sure you login to the system as an Administrator. Then just follow the steps that are mentioned under Section 6.1 in ServiceNow Wiki ODBC page (

Configure ServiceNow ODBC Driver for your instance

Update DSN

In Windows, navigate to Start > Programs > Service-now ODBC > ODBC Administrator > go to ‘System DSN’ tab. Select ‘ServiceNow’ from System Data Sources and click on Configure button.

In the ‘DataDirect OpenAccess SDK Local ODBC Driver Setup’ window, enter ‘url= for Custom properties filed > Apply

To do a connection test, click on Test Connect button. Logon windows will open where you need to provide ServiceNow Username, Password and click on OK.

If you get the successful message as shown in the below screenshot then the details you entered are correct.

On some systems (32-bit ServiceNow ODBC Driver installed on a 64-bit system) you might encounter an error  

  • "The program can't start because MSVCR71.dll is missing from your computer. Try reinstalling the program to fix this problem."when you try to make use of the ODBC in for instance MS Excel
  • "[DataDirect][ODBC OpenAccess SDK driver][OpenAccess SDK Client]Failed to initialize the Service component." when you try to connect using iSQL

The solution for this is to create an environmental variable on your system to let it find the missed MSVCR71.dll file from the ServiceNow ODBC Driver installation folder.

Then add the path for example if you installed it in C drive and in Program files (86) folder the path that you need to add ";C:\Program Files (x86)\ServiceNow\ODBC\ip\Java\jre\bin" at the end of the ‘Variable Value’ field.

Click OK and save the changes. Another common error is “OpenAccess SDK Error:1001”, which is related to a proxy server. 

To fix this, you’ll need to know your proxy server details, and enter these in the IP Parameters. Open IE Browser > Tools > Internet Options > Connections Tab > LAN Settings, and find the  Address field and Port field values.

Change the global default

Changing the global default is less tricky than updating the DSN; just follow the steps that are mentioned in Section 7.1 on the ServiceNow WIKI ODBC page

“Excel” with ServiceNow Advanced Reports

Krishna Koneru - 5th July 2013

We all know that using ServiceNow OOTB Reporting users can generate table reports and chart reports. But there are some situations where it lacks more advanced functionalities like sections, sub-sections and adding free text inside the report, etc.

The Requirement

A recent requirement by a client of ours was that they needed a report to see percentages of Resolution/ Response SLAs for incidents, further grouped by priority to compare these values against their targets. This report should have the ability to let users dynamically select their desired assignment group, assigned to, and SLA stages. Also this report should have the SLA Target matrix table at the top of the report to let user know what the SLA targets are for Response SLAs and Resolution SLAs. An example of this report is in the figure below.

Figure 1: An example of a complex report. It is not possible to create this in ServiceNow OOTB

The Problem

It is not possible to create this report in ServiceNow using the ServiceNow OOTB reporting functionality because:
1.    Free text cannot be added inside a report to show target levels
2.    It is not possible to show multiple sub-sections in the table Assignment Group → Assigned To → SLA Stage
3.    The OOTB Custom Charts module doesn't give dynamic/ flexible graphs for the end user

The Solution

To overcome these drawbacks and generate more dynamic reports we can use ServiceNow's integration tool called ServiceNow ODBC Driver to create reports in Excel. The solution also lets users run this report whenever they want without a need to schedule the report and send them via emails from ServiceNow. ServiceNow ODBC driver is easy to use once configured; see the figure below.

Figure 2: We can use ServiceNow's integration tool called ServiceNow ODBC Driver to create reports in Excel

To import data into Excel and create reports you need to
1.    Install ServiceNow ODBC Driver on your system
2.    Use ODBC to build Microsoft Query and import ServiceNow data into Excel

I will show in my next two blogs how to install and configure these.

The Benefit

The benefit of using the ServiceNow ODBC Driver includes:
1.    Create more advanced and complex reports using Excel
2.    All ACL Security Rules are in place as it requires ServiceNow login details
3.    No extra Capex cost involved
4.    Once the report is distributed to users, there is no need of sharing reports via email, etc
5.    Reports are readily available on their system for users

Remember, the ODBC Driver allows customers to query their LIVE PROD database. So imagine someone who's not sure what they are doing and end up doing an endless query…

Let’s Get Physical: ServiceNow and Asset Management!

Thomas Wright - 15th May 2013

ServiceNow is brilliant at automation. From scheduled reports to SLAs, once the system is set up it runs without a hitch. One thing ServiceNow can't automate is the very manual process of replacing malfunctioning hardware, but perhaps we can help solve part of that problem.

The Challenge

Imagine the situation, a technician has just opened up an old DELL server and wiped the dust off a stack of hard drives. His task is to replace the 500GB Seagate drive with serial number SN826IP4193. Unfortunately for our unlucky techy this server contains no less than four 500GB Seagate drives, so in order to replace the correct drive he has to manually take out each drive and check its serial number. According to Sod's law, it's the fourth drive he checks, wasting a good ten minutes of his time.

A solution to this problem is to print barcodes and stick them on to every physical asset the company owns. In this instance, positioning the stickers so they are visible without the need to remove the drive. The technician can then simply whip out his smartphone with a barcode scanning app to find the correct drive in seconds.

With some customisation, ServiceNow can be used to automate the creation of ready to print barcodes as shown in Figure 1.

Figure 1: A barcode can be automatically generated by ServiceNow.

Now For The Techy Bit

We can create the barcode shown above in ServiceNow using a client script on a UI page, keeping all the processing required on client machines. The code used to generate the barcode is freely available1.

The UI page is set up with the javascriptJavaScript linked above entered in to the client script field, and the HTML field is occupied with the following code:











Asset Name: SN826IP4193















The UI Page then builds the barcode when called. The above example has a hard–coded asset entered, but could be modified to accept an input from, for example, a UI Action on a form view. Using this method, once a physical asset has been entered in to ServiceNow, a barcode could easily be printed and stuck to the item.

Getting Even More From ServiceNow

Along with barcodes, there exists the familiar QR–Codes which appear on all sorts of products and advertisements these days and the less well known DataMatrix. Both of these have a major advantage over barcodes in that they can contain far more data. Instead of being limited only to a serial number of an item, they can store the model number, location, company, owner etc. All this information is available on the item itself, without the need to check any database. An example of this is shown in Figure 2.

With QR–Codes or DataMatrices asset data could be scanned directly into the system, avoiding human error and speeding up many processes in physical asset management.

Figure 2: Scannable Barcode, DataMatrix, QR–Code generated by ServiceNow.

The figures above contain real scannable data – try scanning with a barcode app on your smartphone and just imagine the multitude of uses these could have. If you would like us to help you with your Asset Management please contact us.


  1. The GNU General Public License (GPLv3)

Generate MS Word from ServiceNow

Roderick De Guzman - 7th January 2013

Happy New Year everyone! As promised, here is another article relating to MS Word Document generation within the ServiceNow platform.

The Situation

Having been involved (and have successfully GONE LIVE!) in a Global HR Transformation programme utilising ServiceNow as a Global HR Service Management platform, I have learnt and appreciated HR use cases and processes that I was previously unaccustomed to.These are in the following areas of:

  • HR Service Management (HR Incident, HR SLM, HR Knowledge, HR Problem, HR Change, HR Service Reporting etc...)
  • Case Management (Customer Services)
  • Document and Records Management
  • Workforce Administration(eg. Job Data Change, Reference Requests, etc...)
  • Recruitment
  • Exit Management
  • Leave and Absence Management
  • Employee Relations and Disciplinary
  • International and Mobility Services

This has opened my eyes and increased my appreciation in the complexity of running HR departments in a global organisation. But what it has also proven is what you can do with ServiceNow as a business process enablement platform.

One specific use case that keeps coming up with our ServiceNow and HR projects is around Word Document Generation. If you are familiar with the ServiceNow platform, there isn't an OOTB functionality that allows a user to automatically generate an MS Word Document from a record. In the world of Human Resources, documents (whether they are physical or electronic) are very important artefacts and impact almost all HR use cases and processes. This is most important for Reference Requests as part of Workforce Administration. Why not manage Reference Letters in your ServiceNow platform? So here is an art of the possible...

Art of the Possible

Below is a short video showing the functionality of generating an MS Word Document from the ServiceNow HR application (or any application for that fact).  The functionality can take any field(s) within a particular record and place it within an MS Word Document. This is facilitated by a UI Action, UI Page and a Script Include using WordprocessingML1.


Be mindful that this example is not a polished or complete solution, but shows what is possible.

The Solution

In summary, a UI Action is added to allow a user to execute a "Word Export". This UI Action calls a UI Page.

When triggered, the UI Page is displayed asking for the user to enter a desired document name.

The UI Page then references a Script Include which has the below snapshot of the WordprocessingML:

return gs.getProperty('');

createTheDoc: function() {
var theResult = false;
try {

var table_name = this.getParameter('sysparm_table_name');
var ticket_id= this.getParameter('sysparm_ticket_id');
var file_name = this.getParameter('sysparm_file_name');
var theType =this.getParameter('sysparm_list_name');
theResult = false;
var rowNumber = 0;

var gr = new GlideRecord(table_name);
gr.addQuery('sys_id','IN', ticket_id);

if (!gr.hasNext()) {
return false;

var strXML= this._excelFileStart();
//strXML += this._addCaseHeaders(gr);
//strXML += this._addVariableHeaders(gr);

var gt = new GlideRecord('hr');
strXML+='HR Number: '+gt.number+'';
strXML+='Caller: '+gt.caller_id.getDisplayValue()+'';
strXML+='Priority: '+gt.priority+'';
strXML+='Category: '+gt.category+'';
strXML+='State: '+gt.state+'';
strXML+='Details:- ';


The Script Include then saves the WordML document using the document name the user entered but with a .doc filename extension. The document is then saved in the attachments table and triggers an open.

This solution doesn't necessarily just apply to HR use cases. Think of what other user cases would have a need for an MS Word Document generation?

Lyncing ServiceNow

Roderick De Guzman - 18th December 2012

I'm still alive and yes, it's been a while since my last blog (April to be exact) and seeing it is the season of giving and the fact that I have a bit of time on my hands at this time of the year, thought I'd share a series of "art of the possible" around ServiceNow and its capabilities. This is one of many that I will be publishing over the next couple of weeks.

The Situation

One of our Solutions Advisors, Dr. Tuuli Sutinen (yup, that's right, DR!) provided me with some of her perspective around Social IT. She stated that the social dimension of any management tool cannot be ignored regardless of its functionalities. Sharing ideas and experiences in a social setting can build employees’ commitment to the company,1 and create new innovations more efficiently across departments.2

I totally agree and having spent the last 12 months talking with CIO(s), Heads of, VP(s) and Directors of Innovation, applying Social IT is becoming more and more important on how IT departments/services communicate with their customers and with each other internally.

If you are familiar with ServiceNow and its capabilities, you will know that the following currently exist:

  • Ability for an End User/Customer to initiate a Chat Session with a Service Desk analyst (via ESS);
  • Ability to post or reply to messages to a Live Feed either across the entire organisation or in a controlled group which is very familiar if you are a user of Facebook/Twitter;
  • Ability to create Chat Rooms within a Task, in particular an Incident, which allows organisations to create virtual situation/war rooms especially for discussion/resolving Major Incidents;

The above examples are all great ServiceNow capabilities, but what about being able to initiate a Chat session by the Service Desk/Incident analyst to an End User/Customer?

Several of our customers have asked if its possible to actually initiate a chat from an Incident ticket, but it triggers their Corporate communication tool (eg. MS Lync). Short of developing a bridge using the Lync SDK, there had to be an easier way of being able to do this. So here is an art of the possible....

Art of the Possible

Below is a short video showing how to open a new Lync conversation from ServiceNow, facilitated by a UI macro in ServiceNow combined with Lync URL protocols. The macro utilises SIP (Session Initiation Protocol) to connect to a person specified by URI (Uniform Resource Identifier)3.

Be mindful that this example is not a polished or complete solution, but shows what is possible without necessarily having to spend days/weeks bridging both platforms together.

The Solution

In summary, a UI Macro is added and referenced within the Incident > Caller's Dictionary Attribute field.

So below is a snapshot of the UI Macro called 'popup_chat'.


xmlns:g="glide" xmlns:j2="null" xmlns:g2="null">


title="Invoke Chat" image="lync.jpgx"/>


Get your own Lync icon (16x16 works well) and add it to the ServiceNow image library (but make sure you reference it correctly in your UI Macro script).

Once you have added your icon into your image library, go ahead into the Incident form. Within the Incident form, right click on "Caller" and select "Personalize Dictionary". In the "Attibutes" field, add "popup_chat" so that "Attributes" field looks like this ref_contributions=user_show_incidents;popup_chat

We have provided a reference link to the available SIP commands for Lync. Feel free to experiment and see what the others do!


  1. Beech, N. and MacIntosh, R. (2012) Managing Change: Enquiry and Action. Cambridge University Press, Cambridge, UK.
  2. Kilduff, M. and Krackhardt, D. (2008) Interpersonal Networks in Organizations. Cambridge University Press, Cambridge, UK.
  3. Lync 2010 HTML URL Protocols for HREF tags - Tom Kisner, The Lync.

Enhancing Attachment Visibility in ServiceNow

Roderick De Guzman - 16th April 2012

Ever received a similar business requirement for your ServiceNow platform that states, “When a file is attached to a Task (e.g. Request or Change Task as part of a parent Request/Change record), the parent record must have visibility of the all attached files across all its related Tasks.”

The diagram above illustrates this requirement. From an “out-of-the-box” instance, attachments can only be directly accessed from its associated record. In this case, you can only access a Change Task’s attachments by going directly into that Change Task. Watch the video first before you continue.

The example below will explore this requirement but in the context of delivering a Request from the Service Catalog.

The Challenge

When delivering Catalog Items (eg. Request Item), the workflow associated to each item can be as simple as a handful of tasks to a complex delivery model with 10+ tasks, many of them assigned to different fulfilment groups. Below is a typical example of a PC delivery workflow.

Often, with each of these tasks, files are needed to be attached to supplement its approval, procurement, fulfilment or closure. Whether it’s a signed approval from a manager, scanned purchase orders, delivery receipt or configuration documents, these need to be attached to a Request Task and managed throughout the entire process. The attachment functionality within ServiceNow is very useful, if not too simplistic.

However, managing the attachments “out-of-the-box” within each of the Request Tasks is not very pragmatic if you are the Request Owner (eg. someone who is responsible for the Request from start to end).

With no easy way to identify which tasks have attachments, or to see when new attachments have been added, the typical default work instruction provided to users is to manually go through each and every task, looking for attachments. Clearly this approach becomes very cumbersome and tedious.

The challenge here is to keep the “out-of-the-box” ServiceNow functionality of easily adding attachments to individual tasks, while giving the Request Owner visibility of all attachments from a single location.

The Approach

Our goal is to simplify attachment management within the service delivery teams, without removing the ease of use and intuitive “out-of-the-box” attachment functionality.

The solution must keep attachments visible and accessible to Task Owners, while offering this same visibility and accessibility of attachments to the Request Owner.

If we look at how a Request Owner manages the delivery workflow, we could design a suitable solution which compliments this behaviour. The Request Owner will open the case to view its status and its associated tasks. A sample screenshot is provided below to illustrate what this view may look like.

The solution must allow the Request Owner to see all attachments in this same view. With this design factor, the approach is to ‘propagate’ attachments from each Request Task to the parent Request Record, while keeping them visible within each Request Task.

To keep the solution consistent with the overall look and feel, the Relational Tabs at the bottom of the record becomes an obvious position to store a list of attachments from all tasks. In addition, along with a list of all attachments, details of which Request Task it was attached to would provide that extra visibility required by the Request Owner. The result is a one stop shop for all attachments across all associated Request Tasks:


The Solution

In summary, a business rule is added to the “attachments” table which waits for a file to be added to any Service Catalog Request Task. This rule is run on the server in the background immediately after a file has been attached to the Request Task. It does not require any additional input from the attachment owner, nor does it impact performance.

Before creating this rule, a new custom column was added to the “attachments” table so we could always link the attachment back to its source (hence the field name u_source as seen in the script below).

var gr = new GlideRecord(‘sc_task’);
if ( gr.get(current.table_sys_id)) {
current.u_source = current.table_sys_id;
current.table_name = ‘sc_req_item’;
current.table_sys_id = gr.parent.sys_id;

The solution is achieved whilst not duplicating/replicating the attachments (eg. one for the Request Task and replicated for the Request Record). The above is just a subset of the key configuration elements required to enable this enhancement.

The Benefits

Using this simple yet effective enhancement, a Request Owner receives improved visibility for attachments that are added throughout the entire workflow including in each Request Task. Attachments relating to a particular Request Record are shown and accessible in one central location.

The end result is increased efficiency by getting rid of extra user clicks and improves overall visibility for a Request Owner to manage all files that have been attached via an associated Request Task.

This similar enhancement can be deployed across all other processes such as Incident, Problem and Change Management.

Action Driven Service Request Catalog in ServiceNow

Roderick De Guzman - 1st March 2012

Looking at deploying ServiceNow’s Service Request Catalog but looking at an enhanced user interaction without necessarily deploying the Content Management application (CMS)?


Migrating from another ITSM system where you are using a very complex Service Request Catalog structure?


Is your current deployment of ServiceNow’s Service Request Catalog more Item Driven (where you have literally hundreds of items and you can’t see the woods from the trees)?

If you answered yes to any of the questions above, then this article can hopefully show you another approach worth considering. Watch the video first before you continue.

The Challenge

Many of us prefer to use (at least initially) the out-of-the-box ServiceNow Service Request Catalog look and feel without going to the extent of deploying the Content Management application. This may present certain challenges especially when we start enabling over 100+ catalogue items. For example, in the screenshot shown below, it’s the out-of-the-box catalog  and most items shown assume that it’s a request for a “New” item/service.

IT organisations have a tendency to define their Service Request Catalog (regardless of solution) from an “inside out” perspective. This perspective results in an Item Driven Service Request Catalog. What we mean by Item Driven is that there is a Request Item in the catalog for each action possible within a Service Offering. To simplify this point, refer to the screenshot below. Here you can see a “Desktop Management – Standard” category with four Request Items. This shows one Request Item for each action, Decommission, Move, New and Replacement.

As organisation’s progress with the rollout of their Service Request Catalog, we find that their users/customers start to complain of the catalog’s ineffectiveness to meet their needs. Submitting a request has become a tedious and confusing process. Users browse various forms and perform numerous clicks to submit a request. In addition, the administration overhead of your ServiceNow platform has increased due to the high number of Request Items that exist in your catalog.

The Approach

The objective is to simplify the Service Request Catalog structure from an end user experience but still allow the flexibility required to drive efficiencies in delivering the services shown in the Service Request Catalog. The solution must considerably reduce the number of Categories and Request Items from an administration overhead perspective.

Let’s take the example discussed above with “Desktop Management – Item Driven” category. Four distinct Request Items were created:

  • Decomission
  • Move
  • New
  • Replacement 

With the objective in mind, we could create a single Request Item called Desktop PC and incorporate what we refer to as Action Driven. Refer to the screenshot below.

By selecting a required Action (as per screenshot below), the system then asks the user/customer the required information needed to complete the request.

As the user/customer select the required Action, it would be ideal to also prompt the Service Levels associated to it to ensure we manage their expectations. Please refer to the video shown above to get an in-depth preview of this functionality.

The Solution

In summary, a Client Script is included into the ‘Desktop PC’ Request Item to hide /display fields based on the Action selected. This would prompt the user/customer to only provide information that is relevant for the particular Action selected.

A new table was created in the schema to associate each service with an SLA band. This table is then queried to display the approximate delivery time on the catalog form for the service selected. Here is a sample screenshot of this extended table.

The ‘catalog_item’ UI macro was modified to query the above table and fetch the correct SLA band to be displayed on item form.

    var sc_cat_slas = {};
    sc_cat_sla = new GlideRecord('u_request_item_sla_bands');
    //gs.log("Sys Id: "+"$[sysparm_id]");
    while( {
        sc_cat_slas[sc_cat_sla.u_action] = sc_cat_sla.u_sla_band.getDisplayValue();
        //gs.log(sc_cat_sla.u_action+" "+sc_cat_sla.u_sla_band.getDisplayValue());
    //gs.log("catalog_item UI Macro");
    var json = new JSON();


The UI page com.glideapp.servicecatalog_cat_item_view was then modified and the following code was included in the Script section to display the actual SLA band for the service selected.


 function u_updateDelivery(act) {
   if(act) {
      if (g_sc_cat_slas[act] !== undefined) {
         gel('u_delivery').innerHTML = "Delivery target from time of approval : " + g_sc_cat_slas[act];
      } else {
         gel('u_delivery').innerHTML = "Delivery target from time of approval : No SLT, best endeavours"
   } else {
      gel('u_delivery').innerHTML = "";

var btn = document.getElementById('sysverb_back'); = 'none';

Below is a sample workflow of how Action Driven Service Request Items can be managed using a Workflow. The key is to utilise a “switch” to route to the required step within the workflow.


The above is just a subset of the key configuration elements required to enable your ServiceNow platform to become an Action Driven Service Request Catalog.

The Benefits

As you can see, this approach helps reduce the number of Request Categories and Request Items down to a manageable level whilst enhancing the end user experience, improving administration overhead and driving overall service efficiency.

It can transform the Service Request Catalog to take a more “outside in” perspective which is more beneficial overall to the organisation. Though, this isn’t the only aspect one must consider to ensure that the end user/customer is kept in mind at all times. But you are at least one step closer!