Recent searches


No recent searches

Sam Turner's Avatar

Sam Turner

Joined Apr 05, 2024

·

Last activity Apr 05, 2024

Following

0

Followers

0

Total activity

4

Vote

1

Subscription

1

ACTIVITY OVERVIEW

Latest activity by Sam Turner

Sam Turner created a post,

Post Feedback - Ticketing system (Support)

Note: Include attachments in emails doesn't appear and can't be enabled if secure downloads is enabled. Additionally, when you enable secure downloads, agents can't copy and paste images from their computer into ticket comments.

Whilst I understand why this is in place it does conflict with workflows, for example;

 

- We have agents wanting to receive and send attachments (sometimes containing sensitive data)

- These attachment recipients should not be logged in nor have an account and should be able to receive the attachments as attachments in an email. The customers are dynamic, can sometimes be a one-time experience and shouldn't rely on them having to create an account to access the data.

- The attachments should only be accessible via logged in Agents (enable secure downloads) and recipients of the emails from the tickets in which they raise (enable email attachments). This scenario removes the ‘Security by Obscurity', of which isn't ‘Secure’, whilst also allowing those customers to access the data truly addressed to them.

 

Security by obscurity alone is discouraged and not recommended by standards bodies. The National Institute of Standards and Technology (NIST) in the United States recommends against this practice: "System security should not depend on the secrecy of the implementation or its components."[9] The Common Weakness Enumeration project lists "Reliance on Security Through Obscurity" as CWE-656

 

It would be good to understand if we can be a bit more granular with what ‘Enable Secure Downloads’ affects, having it blanket for both agent and customer side can be counter intuitive and break the experience for the customer.

Posted Apr 05, 2024 · Sam Turner

3

Followers

4

Votes

1

Comment


Sam Turner commented,

CommentTicket management

Note: Include attachments in emails doesn't appear and can't be enabled if secure downloads is enabled. Additionally, when you enable secure downloads, agents can't copy and paste images from their computer into ticket comments.

Whilst I understand why this is in place it does conflict with workflows, for example;

- We have agents wanting to receive and send attachments (sometimes containing sensitive data)

- These attachment recipients should not be logged in nor have an account and should be able to receive the attachments as attachments in an email.

- The attachments should only be accessible via logged in Agents (enable secure downloads) and recipients of the emails from the tickets in which they raise (enable email attachments).

 

It would be good to understand if we can be a bit more granular with what ‘Enable Secure Downloads’ affects, having it blanket for both agent and customer side can be counter intuitive and break the experience for the customer.

 

View comment · Posted Apr 05, 2024 · Sam Turner

0

Followers

0

Votes

0

Comments