Vinicius Henrique da Silva

Olá Anton de Young ? alguma resposta

Ao migrar para as mensagens, como obtenho esse mesmo relátório? 

até quando o web widget vai funcionar?

Dear Zendesk Team,

I would like to raise a concern regarding the authentication feature in Zendesk that allows users to select "Don't ask again for this computer for 30 days."

While I understand that this functionality is designed to improve user convenience, it introduces significant security risks, particularly in corporate environments where security must be a top priority.

1. Reduced Effectiveness of Two-Factor Authentication (2FA):
   This option bypasses the second factor of authentication for an extended period, effectively downgrading 2FA to password-only authentication during that time. This significantly undermines the security purpose of 2FA, which is intended to protect against risks such as phishing or credential theft.
2. Risk from Compromised Devices:
   If a device is shared, stolen, or accessed improperly, attackers can easily bypass the additional protection offered by 2FA. The locally stored token or cookie used to "remember" the device can be exploited if compromised, potentially exposing associated accounts.
3. Impact on Compliance and Security Policies:
   Organizations adhering to strict data protection regulations or security policies may find it challenging to justify the use of this feature, as it undermines the principles of multi-factor authentication.

Recommendations:

• Enable administrators to disable this option at the account level, enhancing security for organizations with stringent policies.
• Reduce the "remember me" period to a more secure timeframe, such as 7 days, or implement periodic reconfirmation of credentials.
• Provide logging or alerts in the Security Center when users utilize this option, offering greater control and visibility for administrators.

Thank you for your attention to this matter. I would appreciate understanding what measures might be implemented to enhance the security of this feature.

Best regards,

Dear Zendesk Team,

I would like to raise a concern regarding the authentication feature in Zendesk that allows users to select "Don't ask again for this computer for 30 days."

While I understand that this functionality is designed to improve user convenience, it introduces significant security risks, particularly in corporate environments where security must be a top priority.

1. Reduced Effectiveness of Two-Factor Authentication (2FA):
   This option bypasses the second factor of authentication for an extended period, effectively downgrading 2FA to password-only authentication during that time. This significantly undermines the security purpose of 2FA, which is intended to protect against risks such as phishing or credential theft.
2. Risk from Compromised Devices:
   If a device is shared, stolen, or accessed improperly, attackers can easily bypass the additional protection offered by 2FA. The locally stored token or cookie used to "remember" the device can be exploited if compromised, potentially exposing associated accounts.
3. Impact on Compliance and Security Policies:
   Organizations adhering to strict data protection regulations or security policies may find it challenging to justify the use of this feature, as it undermines the principles of multi-factor authentication.

Recommendations:

• Enable administrators to disable this option at the account level, enhancing security for organizations with stringent policies.
• Reduce the "remember me" period to a more secure timeframe, such as 7 days, or implement periodic reconfirmation of credentials.
• Provide logging or alerts in the Security Center when users utilize this option, offering greater control and visibility for administrators.

Thank you for your attention to this matter. I would appreciate understanding what measures might be implemented to enhance the security of this feature.

Best regards,

A ideia é boa, mas 1 condição apenas?
como garantir que outros tipos de tickets não sejam excluídos, nao faz sentido.

Exemplo:

Tenho 1 grupo no qual quero excluir tickets dele, entretanto não quero que contenha alguma tag especifica.
Mas somente desse grupo em específico, outros grupos talvez não fosse necessário. Não há como fazer isso.

Meio sem nexo essa opção para uma manutenção correta de tickets e dados.

Um absurdo isso não estar disponível para todas as contas ou ao menos ter a opção de Add On.

Algo que deveria ser nativo da plataforma.

Does this mean that now it is possible to use the ticket file with agent light? in order to maintain communication between departments only?