Inbound emails with sensitive data marked as confidential are encrypted

Lia4 · ‎04-07-2021

Hello,

we have a problem with the inbound emails.

Emails send with marked 'confidential' (from a Microsoft Server/outlook) open a case/ticket in ServiceNow, but the content is not decrypted. The system receives the messages encrypted and cannot read it.

We are on the Orlando release, I am not sure if this is something that works with the newer releases or it is something done wrong in the first implemenation.

Every 'normal' email without sensitive information, works.

Maybe anbody has an idea?

Thanks, Lia.

Allen Andreas · ‎04-07-2021

Hi,

That's correct. ServiceNow will not decrypt your emails and it's recommended to get with your email/network team to have ServiceNow "allowlisted" (aka whitelist) so that those emails are not sent with the default encryption you all have setup for your organization.

ServiceNow can see that it received an email, but can not read the contents.

I've seen this a few times where organizations use a feature like "Zix", etc. which auto-encrypt the emails, but users do have the option to "send unencrypted" via a separate "send button"...but to get them to remember to do that for ServiceNow was not going to happen, haha.

So we worked with those email/network teams to get the ServiceNow domain whitelisted and going forward any emails to ServiceNow were not send encrypted so that it could be read on your instance.

Please mark reply as Helpful/Correct, if applicable. Thanks!

Please consider marking my reply as Helpful and/or Accept Solution, if applicable. Thanks!

View solution in original post

Allen Andreas · ‎04-07-2021

Hi,

That's correct. ServiceNow will not decrypt your emails and it's recommended to get with your email/network team to have ServiceNow "allowlisted" (aka whitelist) so that those emails are not sent with the default encryption you all have setup for your organization.

ServiceNow can see that it received an email, but can not read the contents.

I've seen this a few times where organizations use a feature like "Zix", etc. which auto-encrypt the emails, but users do have the option to "send unencrypted" via a separate "send button"...but to get them to remember to do that for ServiceNow was not going to happen, haha.

So we worked with those email/network teams to get the ServiceNow domain whitelisted and going forward any emails to ServiceNow were not send encrypted so that it could be read on your instance.

Please mark reply as Helpful/Correct, if applicable. Thanks!

Please consider marking my reply as Helpful and/or Accept Solution, if applicable. Thanks!

Allen Andreas · ‎04-08-2021

Hi Lia,

Sounds good.

If my reply above helped guide you Correctly, please also mark as Correct.

Thanks!

Please consider marking my reply as Helpful and/or Accept Solution, if applicable. Thanks!

Phil Swann · ‎04-07-2021

yeh i would say this is an issue with the outbound email, and part of the challenge with O365 sensitivity labels. but its a good thing! not sure how we can solve it... but you could build a rule to check the email and reject it so it doesnt create unnecessary noise, and then move the process to a secure integration method.

Lia4 · ‎04-08-2021

Thanks a lot. I will check with the Microsoft Team and post if we find a solution.