Sensitive Information Masking in CSM Case (Workspace)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-01-2024 02:21 AM - edited 04-01-2024 02:34 AM
Hello dear community!
I need your assistance once again, and I would greatly appreciate your thoughts and inputs.
Let me start with the requirement:
We are looking for a solution that allows our customer support agents to mask sensitive information. The specific method of masking can vary (blurred text, stars instead of the text, "sensitive information" mark, etc.), but the key requirement is that agents should be able to flag text as sensitive, and individuals with appropriate access should be able to access this information later. The sensitive information can be present in various fields within a case (and eventually in chats as well).
Now, here are my questions:
- Does ServiceNow provide any out-of-the-box functionality that can address this scenario?
I am aware of the Sensitive Data Handler feature, but as far as I know, it only works in chats and is "automatic" (meaning, it masks data without requiring agent intervention based on predefined regexes). Is my understanding correct? - If there is no out-of-the-box feature for this requirement, what would be your suggestion for implementing such functionality? I'm not asking for a detailed design, just a general idea.
In the past, in the ITSM module in the old UI (before the Workspace), we implemented a similar feature using a combination of a UI action that triggered a pop-up (UI page) and replaced the marked text with "[SENSITIVE INFO 1]" (the number serving as a reference, as there could be multiple sensitive parts in a single ticket). However, it would be great to enhance this functionality by utilizing the out-of-the-box "blur" feature to mask the text within a case. Additionally, there might be complications in using UI pages in the Workspace, so it would be valuable to hear alternative suggestions.
Thank you in advance for your assistance!
P.S. I have already explored resources such as SnowFlake Tags for Data Masking and Governance, My collected list of ServiceNow tips & tricks, and Data privacy / anonymization in practice articles. However, none of them have provided a satisfactory answer to my specific question.