The Build Approach (Manual Way)
Here are some steps you can take to ensure that data is not leaked from Zendesk tickets:
- Use Zendesk's privacy and security features. Zendesk offers a range of features that can help protect your data, including data encryption, access controls, and password policies.
- Train your agents on data security best practices. Make sure your agents understand the importance of protecting sensitive data and how to handle it properly in Zendesk.
- Regularly review and update your security policies and procedures. Keep your security policies and procedures up to date to reflect any changes in your data protection requirements.
- Monitor your Zendesk environment for suspicious activity. Use Zendesk's built-in tools and third-party solutions to monitor your environment for potential security threats and breaches.
- Follow relevant laws and regulations regarding data collection, storage, and use. Ensure you comply with applicable data protection laws, such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
The Buy Approach (Automated Way)
Downsides of the Build Approach
- As we all know, training humans is a time-consuming and error-prone approach. Agents are best for applying their unique expertise in helping customers and solving their problems, thereby closing customer tickets.
- Similarly, reviewing security policies and procedures is time-consuming and error-prone; it is incredibly costly to deploy security engineers on a regular cadence.
- At the same time, monitoring for suspicious activity is a hard problem. Even if one solves the problem of detection of security threats, it may be too late by the time it was detected.
The Automated Solution
Strac Zendesk App is a Data Loss Prevention (DLP) software. It masks (aka redacts) sensitive comments and attachments in the ticket. A business can configure when the redaction should occur, e.g., once the ticket is closed OR after a few days. To redact, a business can configure a list of sensitive data elements (SSN, DoB, DL, Passport, CC#, Debit Card, API Keys, etc.). You can see audit reports of who accessed which messages at what time.
To learn more, please see our demo here: https://www.strac.io/integrations/zendesk