Hello,

I will take the chance around the Log4j vulnerability to ask zendesk when they plan to create a better and safer security system. It needs to be improved on many levels

For example the token access. There is only the possibility to give access to everything or to nothing. For example it would be way safer for us to be able to determine that only some ticket fields are readable to external companies or via a token. But we actually have to give out access to everything, which of course is high risk.

Why is that a problem? How should we prevent some rouge person in another company taking a snapshot of all our users and user data? Or someone gaining access to a third parties server. Or the famous "lost laptop"? This could be devastating to a company using zendesk and third party services.

And yes, apparently the rights used are bound to the user accessing. You write on the page that email/token is safer than email/password being used. So without a password and only the email an external party can not fully login into the dashboard. But why should they? They can access everything through the API. The data is the risk, Read rights on data. Write risks are there as well of course but that would be even next level.

Or maybe the risk can be lowered because the users email is bound to the rights of the user in zendesk? Well, theoretically, but the token is a universal password, right? So assuming an admin is in email contact with a third party, gives out a restricted zendesk account and a token. But the third party only has to assume that the email address he writes with has higher rights and by using it in conjunction with the token the third party suddenly has admin access.

Besides that, the rights system has been improved slightly over time but there are many things that are bound exclusively to the admin role, owner role even more.

Why is it often needed to give out admin rights for relatively normal things to do? We have to switch those rights back and forth to lower risk. Which should not have to be the case of course.

I'm also not sure if there are any precautions against someone gaining access to a logged in computer or a rougue employee accessing user data and storing it away. I'm not aware of anything we can do to limit risks here. Is there a warning coming up about unusual activities at one point in time?

I think I miss some points now that doesn't come to mind but the point stays:

Please create a safer security system. We really don't feel well with all this risk that we can't avoid. And it feels like zendesks brand could really take some damage if some bigger breach would happen in one of your customers companies.

Thank you!
Sebastian