Malware Scanning - We Want Your Feedback!

15 댓글

  • Chris Bulin
    Community Moderator

    Hi Chika! Thank you for being part of Community Day today.

    How would you use this feature to help your current security problem today

    • This is fantastic and I would love to see it in Zendesk. We've had folks fall for a phishing attack in a different department at our company, so I can only imagine it will happen with us eventually. The more security we can have the better. I would like to be able to add a permission for custom roles to allow them to override the lock. Particularly for the managers on the team who aren't admins, but have more permissions than agents on their teams.

    Would establishing an audit log of malware events be beneficial? If so, what details in the future audit log will be important to have?

    • Yes, this would be fantastic. First it could prove value (especially if this ends up being a paid feature). Additionally, I would want to be able to report out on how often malware is being identified and know who (if anyone) is overriding the lock.

    How are you currently preventing malware via file attachments?

    • We currently forward email to Zendesk after it goes through IronPort. Which works well for email attachments, but we don't currently allow attachments on our forms, because we don't have a way to route those through IronPort before they come into Zendesk. We have a similar problem with chat. We do allow attachments there, but it would be great if we could eventually have the same protection in that channel.
    0
  • Chika Chima
    Zendesk Product Manager

    Hi Chris!

    Thank you for your feedback! Especially on the custom roles for permission to do overrides.

    I would love to chat more next quarter. I will add my calendly link here in the beginning of next year in order to chat with you and anyone interested.

    0
  • jihoon Lee

    If your team adds a "Malware Scanning Service" feature, I wish it could be turned on and off as an option.

    1
  • jihoon Lee

    I wish the audit log provided various filters like the article management of the guide.

    I need an activity category for the activity.
    For example, I would like to be able to view only specific items by filtering login, ticket field change, ticket form edit, user information change, etc. by category. There are so many audit logs right now, it's so hard to find the one I'm looking for.

    0
  • Philippe Cartier

    Malware scanning:
    For me, it is vital to prevent the malware to reach our agents. A malware scanner is a good step towards prevention.
    In order to be sure no malware is sent, we should be able to select the file types that are accepted. Even if this means only accepting images (jpeg, png, etc.).
    So we disabled the options in zendesk which do not permit us to filter attachment types (loss of functionality). Ideally, we should be able to configure all entry points to Zendesk to select allowed filetypes. This would be the easiest (and safest) solution.
    A malware scanner has its value though as some malware can be injected through scripts and other means. So a flag of "scanned" (in the message received in zendesk) would help the agent (plus the blacklisting of all executables and zips that are sent to zendesk). 

    1
  • Dave Dyson
    Thanks for the feedback, Philippe!
    0
  • Chika Chima
    Zendesk Product Manager

    Thank you all for your comments and feedback. We are excited to have this out to you all soon as a first step in stopping/ preventing malicious attacks!

    -1
  • CJ Johnson

    The feature does not seem to work at all. I am able to attach an EICAR virus file in Zendesk. Can you let me know how to test if this feature is working correctly? 

    0
  • Chika Chima
    Zendesk Product Manager

    CJ Johnson

    Thanks again for using this forum for your questions and feedback.

    In regards to your question about this feature. The behavior of the malware scanning feature; automatically scans file attachments on specific channels outlined on this article. And the feature will present warning designations if the file attachments are deemed malicious. Agents on desktop view on the Support via tickets will see warning designations if the file attachment is deemed malicious.

    Is there an expected behavior that you were hoping to see and in what channel? Did you test out the EICAR file in your sandbox in the specific channels that the article outlined?

    I hope this clears any specific unclarity. I am happy to meet and chat more if need be.

    Thanks!

    -1
  • CJ Johnson

    Hi Chika Chima

    I am afraid I don't see this feature, at all, anywhere still. Can you let us know specifically how to test this?  Here I am, sending a virus to our chat in as a customer, without issue, just 5 minutes ago: 



    It really doesn't seem like this feature is live on our account. Please let me know how to confirm if this is the case. 

    Edit: I can send the EICAR zip via the form just fine, too. No warnings. 

    0
  • Chika Chima
    Zendesk Product Manager

    Hi CJ Johnson

    I created a ticket for us to discuss more in detail

    -1
  • Chika Chima
    Zendesk Product Manager

    Hello! As promised this is a calendly link to sign up to hear more about your feedback on this feature!

    -1
  • Tyrell Trainor

    Hi Chika Chima

    I'm curious to follow up on this thread, will Zendesk detect Eicar test files? Also I am curious to find out if there is any reports/logs that can be generated about what files were found by this scanning.

    Thanks!

    0
  • Chika Chima
    Zendesk Product Manager

    Hi Tyrell Trainor

    you can try sending the EICAR file by itself, not compressed as a .zip file. 
     
    Please again note that generally no scanners are 100% accurate and there are no guarantees of identifying all malicious files. We recommend therefore that you also consider further protection measures as appropriate and as per your Security team’s instructions and policies.

    In regards to reports/logs, we currently do not have that on any roadmap. But i am curious in what would you want to see? Such as format and data?
     

    0
  • Hussain Patanwala

    What Malware is used to scan the documents? It is important to know from the perspective that client is very data sensitive and wants to know everything.

     

    0

댓글을 남기려면 로그인하세요.

Zendesk 제공