Customer Support & Data Security: How to Achieve Both in Zendesk

In the world of customer support, the clock is always ticking. Support teams hustle to resolve issues, striving to keep up with the constant influx of tickets.

But in this rush to respond, there's something crucial that’s easily overlooked: data security. When you're juggling a hundred tasks, how do you keep sensitive customer data safe and sound?

Virtru’s Senior Director of Customer Experience & Analytics Alex Litoff and Senior Director of Solutions Engineering Trevor Foskett explore this in our latest episode of Hash It Out. Watch the video on demand below, or read this recap.

“Support Teams Live and Breathe in a Ticketing System”

Litoff, other managers, and support staff around the world watch tickets pile up in the thousands from their customer base. To maintain one source of truth and remain organized, communication must be kept in one place.

“The reality is, there are some nuances of running a support team. One of them is that they live and breathe in a ticketing system. For us, that’s Zendesk and Salesforce,” said Litoff. “We want to keep the teams in there as much as possible, more than any other app. We want it as tightly integrated as possible.”

One platform for everything is ideal - even a few extra clicks outside of Zendesk to complete a simple task adds up over time. It’s not a matter of laziness - it’s quite the opposite. Support teams are held to high standards, and are typically evaluated on their ability to view and resolve tickets in a timely manner.

Underscoring these metrics is the feeling of a company’s Support function being a source of great cost to the business. All of these factors create an environment in which support teams prioritize speed and precision, and in the shuffle, security can often be the first to get lost.

“If you don't have any sort of established process now, what are your agents sharing? I mean, what industry are you in, what clients you deal with,” asked Litoff. “Whether it be logs or financial statements or a password reset, any of these things - do we have a process in place for it other than just send it via email?”

Eliminating Risk in Fast-Paced Zendesk Support Workflows

Be Thoughtful with Access Controls Inside and Outside of the Organization

There’s a long and storied history of sweeping access controls turning data breaches from bad to worse. What could be a contained breach turns into disaster when employees have overarching access to too much data within the organization - and when organizations lose control of data sent outside of their environment, too.

“I think there's this temptation to just give people access to things,” said Litoff. “Does a third party contractor need access to update accounts in our database? ... Why do they need the most advanced, sophisticated access? Why don't you reserve that for tenured reps and managers? [Or,] does the super technical person who's only dealing with certain things on a product need access to billing data and credit card info on customers?”

When employees have overarching access to sensitive data that often isn’t needed to do their jobs, it simply sweetens the pot for hackers. All it takes is one customer service rep’s account to be breached, and in an org with poor access control management, the attackers have access to trade secrets, swaths of customer data, and more.

By adopting a more granular, attribute-based access control (ABAC) system, organizations can limit access to sensitive data and significantly reduce the potential impact of breaches. This aids in protecting data as it travels outside of the organization as well by allowing you to keep eyes on exactly where your data goes, and who accesses it.

With Secure Share, you maintain control over your data and the sensitive data entrusted to you wherever it goes. Have complete domain over access controls to the files you send even after you’ve sent them - with the ability to revoke access, set time limits, and add watermarks. With Secure Share for Zendesk, and the Virtru Data Protection Gateway for Salesforce, you can transform your approach to data security, offering both you and your customers peace of mind.

Tight Encryption Integrations for an Even Tighter Turnaround

In customer support workflows, organizations typically steer clear of excess personal data from their customers. Yet, when it's essential to share Personal Identifiable Information (PII) or Private Health Information (PHI), Secure Share for Zendesk offers a rapid, secure alternative.

“When we are handling sensitive information, sending user lists, HMAC tokens, or unique identifiers, we can quickly use Secure Share to share files, share that sensitive information, securely …right in Zendesk,” explains Litoff.

Secure Share enables users to safely exchange and request sensitive information directly within your support application, eliminating the need for separate emails. All data exchanges are contained within your tickets or cases, eradicating disjointed email threads that are time-consuming and typically lack additional protection.

“Anytime [support teams] are deviating from our established workflow means we're coming up with something else on the fly,” explained Litoff. “Security admins are thinking, ‘Oh, god. What are they doing…?’”

Seamless integrations like Secure Share offer a comprehensive solution for boosting your team's efficiency and improving ticket handling. The flexibility of Secure Share allows teams to hand off tickets without losing context, all while ensuring robust security measures that please your security teams.

By employing end-to-end encryption and granular access controls, Secure Share empowers teams to precisely manage who has access to sensitive data, thus preventing unauthorized access and reducing attack vectors. This approach is not only critical for strengthening compliance but also makes it easier to share and gather information from customers securely.

By streamlining these processes, your team can achieve tighter turnaround times, serve customers more effectively, and maintain the security of customer data. In this way, Secure Share enables your team to perform at its best, satisfying both security teams and customers alike.

Gateway Encryption for When Sensitive Data Exchanges are the Norm

For customer support workflows that primarily deal in legally protected data being exchanged, having a catch-all solution like gateway encryption for sensitive files is an ideal option.

Healthcare organizations frequently handle Personal Health Information (PHI), which is subject to stringent regulations like HIPAA. When such organizations use platforms like Zendesk for patient outreach, patients might share sensitive information like Social Security numbers or symptom lists, while healthcare providers might need to disclose personal reports or test results.

In scenarios like this, Litoff and Foskett agreed that implementing a gateway protection solution can be a game-changer. By automatically encrypting sensitive files before they enter or exit your environment, gateway protection ensures secure communications without adding cumbersome steps to the process. It streamlines workflows and eliminates the need for support representatives to adopt ad-hoc solutions for secure communication, reducing the risk of data breaches.

“When I know ninety percent of my tickets are HIPAA or … going to be considered sensitive, why am I making my reps worry about this at all?” asked Litoff. “Why don't I just blanket protect things?”

Virtru Data Protection Gateway offers a powerful solution for organizations looking to protect data traveling through SaaS apps like Salesforce and Zendesk, and strengthen compliance with regulations like HIPAA, GDPR, CCPA, ISO 27001, PCI, and more. In addition to providing robust encryption, Virtru Data Protection Gateway leverages  AI-based detectors, powered by Nightfall, for Data Loss Prevention (DLP), offering an extra layer of protection against unintentional data exposure within Zendesk and Salesforce.

Data Protection in Zendesk for Support Teams and Beyond

“At the fundamental level, our job is speed and quality - and the balance of those two to deliver good customer experience,” said Litoff. “...It’s really about understanding your industry, understanding your customers and what applies to you and picking the right tool for that job…”

By weaving data protection into the support workflow, teams can deliver rapid, top-notch service while ensuring the utmost security. The results are well worth it—quicker responses, satisfied customers, and the trust that sensitive data is safe in your hands.

Want to learn more about Virtru’s user-friendly encryption integrations for Zendesk? Book a demo with our team today.