Ability to prohibit merging of tickets across organizations
Hi, we think it a good idea to restrict merging of tickets from different organizations. Mostly to prevent human error, as one of our agents accidentally merged two tickets from different companies. An easy mistake when ticket numbers are similar, but sadly for us it meant that details for company A were passed to company B. We can't see a reason in our business where we would need to merge tickets from different organizations so would like to have a setting that allows us to prevent this - could even be a permissions thing that is blocked at agent level, but allowed by admins?
This is a major ISO27K issue as if two diffrent organisation tickets were accidently merge confidential data would be accidently shared. We have had tickets shared accidently before and its easy to do but an option for us to set "do not allow merge tickets between diffrent organsiations" would be useful. As it is the merge functionality is useless without this as the risk of accidentasl ticket merge is to great
This is a serious problem. If we cannot prohibit by organization, is it possible to disable merging tickets entirely?
We had similar issues. On the Enterprise plan, you can create roles and disable merging altogether.
However, we would like the agents allowed to merge to STILL be restricted if the organizations are different (or at least a soft stop and reminder) so +1 from us!
I would like to bump this as we have had an issue today of a similar nature and it could be a contract breach in certain circumstances. Surely Zendesk has an obligation to develop this to protect's it's clients and subsequently the data of any person that interacts with the software.
Can there please be a response from Zendesk admin over this issue?
+1 - as per previous commentators, it would be good to see a reply from Zendesk on this feature.
At the very least a warning should be displayed, if not outright prohibited.
Agreed, this just happened today by accident and two customers from different organizations were replying to the same ticket. Definitely an issue that should be able to be controlled.
Where is a response from Zendesk?
I don't this that +1 is the issue.
This is a critical bug that can be a life changer for Zendesk, it can't be that Zendesk have not thought about it.
after sending an email to Zendesk support, i've got this answer:
Thanks for contacting Zendesk's Customer Advocacy team. I completely understand your concern regarding the ability to merge tickets between organizations. Building functionality to prevent that sort of behavior is a bit more complex and hasn't been completed as of yet. The community post is a feature request for that functionality. We have documentation on how the ticket merge functionality works here.
I'm happy to mark this ticket as product feedback and pass it along to our product managers to review to see if they can take this into account when developing the product in the near future.
Hope this helps. Let me know if I can assist further,
What can I say ... such a security and privacy is a "feature request" ?
email on that matter was just sent to Mikkel Svane (Zendesk CEO)
I cant see how difficult it could be all we are asking to do is check that the organisation fields = the same company on each ticket before allowing a merge - that should be standard. Until such time we have had to ban it from use
Blocking this would be an acceptable solution--my initial thought, and preferred solution is to simply have a warning dialog pop up when I try to merge across organizations. It's not going to happen a lot, but seems like an important security measure since it can be bad if it does happen.
Zendesk should give us the option to warn or prevent tickets from being merged if the requester or the organization are different on the tickets being merged. Good thing Zendesk isn't handling Hawaii ballistic missile alerts.
@Oren - Did you get any further response? I agree, not sure how security is a feature request and not a high priority. For organisations that support multiple customers this is one real product weakness within Zendesk.
@Zendesk community managers - is any work being done on this or at least workarounds?
I'm going to +1 this as well. Our agents need to be able to merge where necessary but there should at least be a secondary warning if the merge is happening into a ticket from a different organization (or user in cases where neither user belongs to an organization). It's too easy to accidentally merge a ticket if you're not paying attention and we all know how busy agents get. Thanks!
And I as well will +1 this. I just fielded an email from a customer who was very upset that his system down information was being shared with another unrelated customer - and we did not notice the automatic CC from the incorrectly merged alert until hours later, when the other customer said, "Guys? I don't think these emails are meant for me." This is, to my mind, not a feature enhancement but a security bug that needs to be addressed ASAP!
This post is from 2014 and still nothing?
This seems like a very important feature to have.
Longevity of a post is not one of the primary data points that we use to determine priority of implementation - just because someone asked a long time ago doesn't make it a high priority need.
More important factors are the number of users expressing a need, how business-critical the request is, and whether there are other workarounds available or plans that would solve the issue.
With just 10 votes over 5 years, this hasn't been seen as a high-priority need by many users. However, I will run this by the product team to see if they are doing anything around merging tickets in 2019.
Thanks @Nicole. We've just had an incident where this resulted in customers receiving emails they should never have had. This is a major concern for us especially as we're in the UK and have to comply with GDPR.
I appreciate that not many people have voted for this issue but given the potential dangers and it's importance with regards to people's data I think it warrants a high priority. Plus I would assume it's not a particularly difficult issue to solve.
Did you get any response from the product team?
I want to chime in here as well. We are in the same boat as everyone else, GDPR is the primary concern obviously but we also have client-facing reputations to consider, as I am sure do everyone else. We work in a multi-branded environment, so accidentally merging tickets from multiple brands together (even if the same end-user) is potentially disastrous.
Hi all -
No response from the product team on this, unfortunately. That usually means that it's something they'd be open to considering in the future, but it's not within the scope of any of the work they have planned this year.
If your concerns around this functionality are specific to GDPR, I encourage you to email firstname.lastname@example.org to increase the visibility of your request.
Thanks Nicole, GDPR, Mandatory data breach reporting (in some countries) and organisation reputation risks are all really important considerations for businesses servicing multiple clients with a solution such as Zendesk. The risks of a data breach could be minimised by tighter restrictions around ticket merging. I will take your advice and contact email@example.com and encourage others to do the same.
Yes thank you Nicole, I'll email them too.
Supporting this request too, it would greatly help us avoid human mistakes in merge.
Agree this request would be very useful. We just had a ticket merged incorrectly into a different organisation's ticket and this had the potential to expose data that it shouldn't have. This then has implications for privacy reporting both here in Australia and GDPR.
We would also find this very useful.
Hi, i add my vote to the bucket.
Just yesterday a college of mine managed to merge several requests from different companies.
Depending on your customer group, this can be the end of your company, imagine merging requests from two high stakes competitors...
This feature request might not have many votes but the frequency of use of your community page should not prevent you from implementing important features, that should have been standard in the first place.
But i am willing to "bump" it into recent topics once a week, so it might get the views and votes.
Feature request from 2012 that just now reached the "planed" stage are not very reassuring.
For the time beieng we will have to deactivate this feature.
I'm adding to this thread in an effort to see this pushed along. We had an issue, and not allowing people to merge by different organizations (or custom field) is huge for us.
This is extremely important. It should be considered a security fix rather than a feature. Please add me to the growing list of users who need this.
Zendesk need to get this sorted out, an easy way would be to display the Ticket organisation of the two tickets you are about to merge, surely that would not be to hard do
Don't forget to upvote the original poster.
This seems to be one of the indicators that are used to identify needed improvements.
Had an issue where agent is confident they "Clicked" on the right ticket number to merge but merge occurred with a different ticket and un-related organization. If zendesk had a feature to prevent merging two tickets that were not from the same organization that could be turned on that would be fantastic and would have prevented the case mentioned above regardless if it was a bug or human error!
Added a +1 to the original post.
Please sign in to leave a comment.