We have a lot of customers send through PII data in emails which ends up in our Freshdesk tickets. I understand the level of security freshdesk provides, but I'm looking for suggestions on how to to note its collection and restrict its distribution.
Has anyone dealt with this before?
Should I use tags to mark it as sensitive info and have the email redacted so that when the customer is replied to the PII info is not going back an forth etc.
Any suggestions would be appreciated.
Best answer by KeerView original
@shimi, we are glad to have you as a part of our Freshdesk community. I understand you are looking to mask the PII data that comes in via email. In Freshdesk, you can make use of the redaction feature to mask this data. You can find more details on the same here: https://support.freshdesk.com/en/support/solutions/articles/50000003132-redacting-sensitive-information
I would also suggest you to look into this third-party app, https://www.freshworks.com/apps/freshdesk/protect_sensitive_data/, which can help you with redaction. When you use the app, the following patterns would be masked.
Credit card number 4000056655665556 XXXXXXXXXXXX5556
social security number 123-45-6789 XXXXXXX6789
phone number 123-456-7899 XXXXXXXX7899
email email@example.com XXXXXXXXXXXX.com
date ddmmyyyy 23/12/2018 (or) 23-12-2018 XXXXXX2018
date mmddyyyy 12/15/2018 (or) 12-15-2018 XXXXXX2018
url www.facebook.com XXXXXXXXXXXX.com
IP address 18.104.22.168 XXXXXXXXX3.21
I hope this helps!
Thanks so much for responding. I didn’t know about the redacting feature built into freshdesk. However in my settings (on the garden plan and on our other premium plan) it only has the following in the Admin > Account > Security > section.
Also as for the app, I did see that. Can you verify its authenticity and that it is free to use?
Let us know if you have any further queries. Have a good day!
We are on the Pro plan for another instance of freshdesk we have and even there, there is no redaction.
Can you please explain?
@shimi. In the current plans, redactio policy is available in Enterprise and Enterprise Omni plan and you can view them in the same article.
@Keer. Does that only redact credit card or can you define which data types you want redacted?
As of now, redaction includes only credit card number patterns,
You can find the sequences that would be redacted below:
Hi keer, Thanks
Hi keer, Thanks
@Gerald451. I am glad we could help :)
Any news on FD building in more fields to masks other than credit card, in the near future?
@shimi and @Keer,
At Strac, we help businesses automatically detect and redact sensitive data. Data elements can be any of PCI, HIPAA, financial or confidential ranging from Drivers License, passport, SSN, patient data, and more. It can be attachments like pdfs, images, word docs, etc.
We do have an integration with FreshDesk as well. Please feel free to check us out: https://www.strac.io/