Limit the ability for agents to bulk download 'cutomer's personal information' in "View".
As in any country, personal information protection is important in system management in South Korea.
When using Zendesk, the part that most violates personal information protection and requires urgent functionality is the function to export “views” to CSV.
In Zendesk, if there are no special restrictions, agents are free to create personal views and can easily include requester's email or name in the list column.
However, the act of creating a list and exporting a customer's personal information is one of the acts that are seriously restricted or prohibited under Korea's Personal Information Protection Act - The information security management system (ISMS) and the personal information management system (PIMS).
I wish this feature was removed. If there are users who need this feature, it would be better to set this feature by permission so that only administrators or agents with authorized permissions can use this feature.
-
+1 this is definitely a security concern. I have voiced this many times with Zendesk as we can restrict who can generate reports but not with views which is a smaller version of a report but still contains way too much PII that can just be downloaded for any Agent
-
Hi all, thank you for your feedback. This has been logged for our PM team to review. For others interested in this feature, please share your support via the comments with your use cases and/or with an upvote. Thank you again for providing your input to us!
Por favor, entrar para comentar.
2 Comentários