Ricerche recenti


Nessuna ricerca recente

Sam Turner's Avatar

Sam Turner

Data ingresso 05 apr 2024

·

Ultima attività 05 apr 2024

Seguiti

0

Follower

0

Attività totali

4

Voto

1

Abbonamento

1

PANORAMICA ATTIVITÀ

Ultima attività di Sam Turner

Sam Turner ha creato un post,

Post Feedback - Ticketing system (Support)

Note: Include attachments in emails doesn't appear and can't be enabled if secure downloads is enabled. Additionally, when you enable secure downloads, agents can't copy and paste images from their computer into ticket comments.

Whilst I understand why this is in place it does conflict with workflows, for example;

 

- We have agents wanting to receive and send attachments (sometimes containing sensitive data)

- These attachment recipients should not be logged in nor have an account and should be able to receive the attachments as attachments in an email. The customers are dynamic, can sometimes be a one-time experience and shouldn't rely on them having to create an account to access the data.

- The attachments should only be accessible via logged in Agents (enable secure downloads) and recipients of the emails from the tickets in which they raise (enable email attachments). This scenario removes the ‘Security by Obscurity', of which isn't ‘Secure’, whilst also allowing those customers to access the data truly addressed to them.

 

Security by obscurity alone is discouraged and not recommended by standards bodies. The National Institute of Standards and Technology (NIST) in the United States recommends against this practice: "System security should not depend on the secrecy of the implementation or its components."[9] The Common Weakness Enumeration project lists "Reliance on Security Through Obscurity" as CWE-656

 

It would be good to understand if we can be a bit more granular with what ‘Enable Secure Downloads’ affects, having it blanket for both agent and customer side can be counter intuitive and break the experience for the customer.

Data ultimo post: 05 apr 2024 · Sam Turner

3

Follower

4

Voti

1

Commento


Sam Turner ha commentato,

CommentoTicket management

Note: Include attachments in emails doesn't appear and can't be enabled if secure downloads is enabled. Additionally, when you enable secure downloads, agents can't copy and paste images from their computer into ticket comments.

Whilst I understand why this is in place it does conflict with workflows, for example;

- We have agents wanting to receive and send attachments (sometimes containing sensitive data)

- These attachment recipients should not be logged in nor have an account and should be able to receive the attachments as attachments in an email.

- The attachments should only be accessible via logged in Agents (enable secure downloads) and recipients of the emails from the tickets in which they raise (enable email attachments).

 

It would be good to understand if we can be a bit more granular with what ‘Enable Secure Downloads’ affects, having it blanket for both agent and customer side can be counter intuitive and break the experience for the customer.

 

Visualizza commento · Data ultimo post: 05 apr 2024 · Sam Turner

0

Follower

0

Voti

0

Commenti