Solved

Managing PII data in Emails

  • 16 January 2022
  • 12 replies
  • 391 views

Userlevel 1
Badge +3

Hi,

We have a lot of customers send through PII data in emails which ends up in our Freshdesk tickets. I understand the level of security freshdesk provides, but I'm looking for suggestions on how to to note its collection and restrict its distribution.

Has anyone dealt with this before?

Should I use tags to mark it as sensitive info and have the email redacted so that when the customer is replied to the PII info is not going back an forth etc.

Any suggestions would be appreciated.

 

 

icon

Best answer by Keer 20 January 2022, 06:38

View original

12 replies

Userlevel 5
Badge +12

Hello @shimi, we are glad to have you as a part of our Freshdesk community. I understand you are looking to mask the PII data that comes in via email. In Freshdesk, you can make use of the redaction feature to mask this data. You can find more details on the same here: https://support.freshdesk.com/en/support/solutions/articles/50000003132-redacting-sensitive-information

 

I would also suggest you to look into this third-party app, https://www.freshworks.com/apps/freshdesk/protect_sensitive_data/, which can help you with redaction. When you use the app, the following patterns would be masked. 

 

Credit card number 4000056655665556 XXXXXXXXXXXX5556

social security number 123-45-6789 XXXXXXX6789

phone number 123-456-7899 XXXXXXXX7899

email spiderman@fd.com XXXXXXXXXXXX.com

date ddmmyyyy 23/12/2018 (or) 23-12-2018 XXXXXX2018

date mmddyyyy 12/15/2018 (or) 12-15-2018 XXXXXX2018

url www.facebook.com XXXXXXXXXXXX.com

IP address 192.122.23.21 XXXXXXXXX3.21

 

I hope this helps!

Userlevel 1
Badge +3

Hi @Keer 

 

Thanks so much for responding. I didn’t know about the redacting feature built into freshdesk. However in my settings (on the garden plan and on our other premium plan) it only has the following in the Admin > Account > Security >  section.

 

Also as for the app, I did see that. Can you verify its authenticity and that it is free to use?

 

Userlevel 5
Badge +12

@shimi, redaction feature is available inly from the Forest plan and that’s why you might not be seeing in your account. However, the app is verified and is free. 

App details

 Let us know if you have any further queries. Have a good day!

Userlevel 1
Badge +3

Hi @Keer 

 

We are on the Pro plan for another instance of freshdesk we have and even there, there is no redaction.

Can you please explain?

Userlevel 5
Badge +12

Yes, @shimi. In the current plans, redactio policy is available in Enterprise and Enterprise Omni plan and you can view them in the same article. 

 

 

Userlevel 1
Badge +3

Thanks @Keer. Does that only redact credit card or can you define which data types you want redacted? 

Userlevel 5
Badge +12

As of now, redaction includes only credit card number patterns, @shimi.

Redaction in Freshdesk

 

You can find the sequences that would be redacted below:  

 

Badge

Hi keer, Thanks

Userlevel 5
Badge +12

Hi keer, Thanks

Sure, @Gerald451. I am glad we could help :)

Userlevel 1
Badge +3

@Keer  thanks so much for your help.

Any news on FD building in more fields to masks other than credit card, in the near future?

 

Userlevel 5
Badge +12

@shimi, you can add your usecase and which fields you think would be helpful to be added to the redaction feature in our ideas section :)  

Hi @shimi and @Keer,

At Strac, we help businesses automatically detect and redact sensitive data. Data elements can be any of PCI, HIPAA, financial or confidential ranging from Drivers License, passport, SSN, patient data, and more. It can be attachments like pdfs, images, word docs, etc.


We do have an integration with FreshDesk as well. Please feel free to check us out: https://www.strac.io/

Reply