Intercom DLP

Detect & Mask (Redact) Sensitive Intercom Conversations - Intercom DLP (Data Loss Prevention)

Book a Demo

Intercom DLP

Table of Contents

TL;DR: In a nutshell: Strac is the Intercom Redaction Solution You Need for Security & Compliance

Customers post sensitive personal information on Intercom chats, which can lead to compliance issues and data breaches.
Strac Intercom App is a DLP software that can detect and redact sensitive comments and attachments.
Strac can be configured to block sensitive PII or PHI in Intercom conversations.
Strac offers a list of sensitive data elements that are automatically pinpointed and concealed.
Strac is available in Intercom's App Store and provides audit reports for compliance, risk, and security officers.
Checkout our video demo below to learn about how Strac Intercom DLP and redaction works

Intercom Conversation Containing Sensitive Data

The Consequences of Not Redacting Personal Data from Intercom

Customers post sensitive personal information (PII or PHI) on Intercom chats/conversations (Customer Support Tool) for a given business function. Some of the burning reasons on why your Intercom account needs to be protected:

Compliance: Every day, government legislation passes Consumer Privacy laws geared to protect consumer data from malicious entities. California and Illinois have been the latest to introduce these laws, including a Biometric Information Privacy Act. For many organizations, data can be spread across a wide range of systems, which can be challenging to keep up with Privacy law enactments. It is a nightmare for companies to do manual cleanup of those sensitive messages sitting within your employee's zendesk account as deep inspection is time consuming and error-prone. At the same time, you need to stay compliant and prevent exfiltration of sensitive data.
In the first six months of 2019, a reported 3,813 data breaches affected 4.1 billion records, an increase from 2018. Of which, 70% of leaks exposed user emails, while 65% included sensitive information revealing passwords. According to IBM, the average time it takes for an organization to identify a data breach occurred is 206 days, with an organizational cost of $3.92 million.
Between 2018 and 2020, there was a 47% increase in insider threat incidents. This includes malicious data exfiltration and accidental data loss.

How Strac Ensures Security &Compliance with its Intercom Redaction Solution

Strac Intercom App is a Data Loss Prevention (DLP) software. There are 2 modes:

Detect Only: Once configured, it automatically discovers sensitive comments and attachments. Customers can see Findings of sensitive tickets in the Strac UI Vault and get notifications.
Redact: Once configured, it masks (aka redacts or removes) sensitive comments and attachments while allowing authorized users to view those Intercom tickets in Strac UI Vault. With this, you will block sensitive PII or PHI in Intercom conversations.

A business can configure a list of sensitive data elements (SSN, DoB, DL, Passport, CC#, Debit Card, API Keys, etc.) to redact. Compliance, Risk and Security officers will get audit reports of who accessed which messages.

Is Strac Intercom Redaction/DLP app published on Intercom's App Store?

Yes, it is published here: https://www.intercom.com/app-store/?app_package_code=stracapp

Have a glance at Strac's assortment of sensitive data points, which are automatically pinpointed and concealed by Strac. More details at this link: https://www.strac.io/blog/strac-catalog-of-sensitive-data-elements

Sharepoint DLP Use Cases

Practical Scenario

A hospital’s billing and administrative teams use SharePoint Online to store patient invoices, medical reports, and insurance forms. While collaborating with external insurance providers, a staff member accidentally updates the permissions on a SharePoint document library to “Anyone with the link,” exposing potentially thousands of patient files containing PHI.

How Strac's Sharepoint DLP Helps

Continuous Data Discovery: Strac automatically scans existing and newly uploaded documents, identifying PHI (e.g., medical record numbers, Social Security Numbers).
Classification & Labeling: Once identified, files are labeled (e.g., “HIPAA Sensitive”), ensuring that administrators know which documents require the highest level of protection.
Visibility into Access: Strac provides real-time insight into who has access to these sensitive documents. Administrators can instantly see if unauthorized users or broad groups have viewing rights.
Revoke Public Links: If a file is publicly accessible, Strac immediately revokes those links and restores restricted access.
Alerts & Quarantines: When someone attempts to share PHI externally, Strac can alert admins, quarantine the file for review, or completely block the action.
Audit-Ready Reports: All actions are logged, enabling quick incident response and demonstrating HIPAA compliance for audits.

Practical Scenario

A mid-sized investment firm uses SharePoint to collaborate on various client files, including:

Credit card statements (subject to PCI-DSS)
ID documents (Driver’s Licenses, Passports, etc.) used for KYC (Know Your Customer) verification
Banking information such as account and routing numbers

An associate accidentally shares a SharePoint folder containing these files with a newly onboarded client who does not require access to all confidential documents. This folder is also accessible to several internal teams outside the immediate project, creating multiple potential exposure points.

How Strac's Sharepoint DLP Helps

Comprehensive Data Discovery: Strac scans both existing and newly uploaded documents in SharePoint for sensitive information such as credit card numbers, bank account details, and ID documents (Driver’s License, Passport formats).
Classification & Automated Labeling: Once identified, Strac applies meaningful labels (e.g., “PCI-DSS Sensitive,” “PII – ID Documents,” “Banking Info”) to ensure these files stand out and are subject to stricter security rules.
Visibility into Access: Strac provides an immediate view of who currently has access to these sensitive files. This allows admins to spot situations where external clients or internal teams unnecessarily have permissions.
Public Access Revocation: If a labeled document (e.g., containing card data or ID scans) is found to be publicly shared or too broadly accessible, Strac automatically revokes these links or permissions, aligning access with the principle of least privilege.
Alerts, Quarantines, and Blocks: When a user attempts to share a labeled document with outside domains—or with an entire department—Strac alerts administrators or quarantines/blocks the file share, depending on policy settings.
In cases where the share is intentional but needs review, admins can approve or deny the request within Strac’s dashboard.
Audit & Compliance: Every sharing event, label assignment, and access revocation is logged, creating a detailed audit trail. This helps demonstrate compliance with PCI-DSS, KYC, AML, and other regulatory requirements.
Automatic reporting simplifies any regulatory or internal compliance audit, reducing the administrative burden on security and compliance teams.

Practical Scenario

A software company keeps source code, product roadmaps, and design specs in SharePoint. Several teams—including external contractors—use the same SharePoint site. A developer accidentally grants a large group, including some non-disclosure–exempt contractors, access to a folder containing patent-pending code.

How Strac's Sharepoint DLP Helps

Holistic File Scanning: Strac inspects documents, PDFs, and archives for code snippets, system designs, and proprietary business terms to detect potential IP.
Intelligent Labeling: Documents identified as containing IP or trade secrets are automatically classified (e.g., “Proprietary IP”), reinforcing the need for restricted sharing.
Real-Time Access Insights: With Strac, administrators can instantly see who has access to IP-tagged files, enabling them to remove unauthorized users or reduce permission scopes.
Immediate Link Removal: If a contractor or external partner is mistakenly granted access to IP, Strac revokes public or unauthorized sharing before the files can be downloaded.
Alerts & Blocking: Strac’s policies can be configured to alert security teams or block external sharing attempts for files containing proprietary content.
Incident Response & Auditing: Detailed logs of every share request, label change, and access revocation aid in quick incident resolution and help prove due diligence if legal issues arise.