PII Masking
Updated
Personally Identifiable Information (PII) or Sensitive Personal Information (SPI) is data that can be used to identify a particular person potentially. It comprises any information which can distinguish one person from another and can be used to de-anonymize anonymous content.
If PII is not handled, it will be directly visible in the messages to users as well as in the database leading to a breach of privacy.
Sensitive message content can be hidden within the Sprinklr platform to protect customer information efficiently.
This can be done in various ways:
1) Encrypt Entire Messages Automatically based on Pre-defined Conditions using Rule Engine
2) Mask PII Content in Messages and Make it Visible for Permissioned Users
3) Retrospectively Retract Entire Message/Case Including PII using Macro
4) Apply the PII Macro to a Message/Case
5) Obfuscation of PII content
To Encrypt Messages based on Pre-defined Conditions
The messages containing sensitive information are encrypted using a Rule action to restrict who has access to the PII. It provides data integrity, confidentiality, authentication, and secure communication. This will still provide your team access to view the message content in the UI, whereas the message is stored encrypted in the database, allowing them to provide service even when your customers share information that should not be viewed.
For Example: If your customer shares a private message containing his/her credit card number, the Rule will allow it to be visible in the UI but not in the database.
1) Click the New Tab icon . Under Governance Console, click Rule Engine within Collaborate.
2) Create a Rule in the Rule Engine.
3) While configuring a rule condition in the Edit Condition pane, select Text from the Condition drop-down menu under Condition Applies to 'The properties of the Message' and set Regex as the operator. This will detect any sensitive information that your customers have shared. To learn more about Regex, see RegEx in Rule Engine.
4) Enter the specific search pattern (i.e. a specific sequence of ASCII or Unicode characters) of sensitive information in the Input Text field for Regex to detect.
5) While configuring a rule action in the Edit Action pane, select Content is Secure from the Action drop-down menu under Actions to 'Change properties of Message' and set its value as Secure.
Note If you encrypt a message, the content of the message cannot be searched. |
6) Click Save to save both your changes for conditions and actions in the Edit Condition and Edit Action pane, respectively.
7) Click Save again to finalize the creation of your Rule.
To Mask PII Content in Messages and Make it Visible for Permissioned Users
You can give the Mask permission under View Unmasked PII Entity to users to make the masked content visible to them and then configure an inbound or queue rule and add the action to add the inbound messages to PII entities. Adding this action will mask the PII content as xxxx for the users who do not have the below permission.
Next, create an Inbound or Queue rule to mask the PII content.
1) Click the New Tab icon. Under Governance Console, click Rule Engine within Collaborate.
2) Create a Rule in the Rule Engine.
3) While configuring a rule condition in the Edit Condition pane, select Account from the Condition drop-down menu under Condition Applies to 'The properties of the Message' and select the account(s) containing sensitive information.
4) While configuring a rule action in the Edit Action pane, select Search Pattern and take action from the Action drop-down menu under Actions to 'Change properties of Message' and set its value as Yes.
5) In the associated Text and Regex condition, enter the specific search pattern (i.e. a specific sequence of ASCII or Unicode characters) of sensitive information in the Input Text field for Regex to detect.
6) Next, click Add Action and select Add to PII entities from the Action drop-down menu.
7) Click Save to save both your changes for conditions and actions in the Edit Condition and Edit Action pane, respectively.
8) Click Save again to finalize the creation of your Rule.
To Retrospectively Retract Entire Message/Case Including PII using Macro
Sensitive message content can be hidden within the Sprinklr platform using a message/case macro. You can use this macro action to efficiently protect sensitive customer information from being visible. This macro can be applied to a single message or to multiple messages in bulk.
Create a PII Macro
1) Click the New Tab icon. Under Governance Console, click Macros within Platform Setup.
2) In the top-right corner of the Macros window, click Create Macro.
3) On the Create Macro window, enter a macro name and an optional description in the Macro Name and Description fields, respectively.
4) Select either Message or Case as the entity type on which you want to apply the macro from the Apply macro on the drop-down menu.
5) Under the Set Actions section, select Remove Content due to PII (for a message) or Remove Content from case due to PII (for a case) from the Action drop-down menu and set the value to Yes. You can set an Automated or a Manual Action for your macro.
6) Click Save in the bottom right corner to create your PII macro.
To Apply the PII Macro to a Message/Case
1) Click the New Tab icon and select Engagement under the Social cloud.
2) On the Engagement dashboard, hover over the Options icon for the desired message/case and select Open Details.
3) In the top bar of the Message/Case Details pane, click the Macros icon to view a drop-down of the available macros. Select the PII macro you have created. The content of your selected message will be removed and will display a message Erased due to PII policy on the Engagement dashboard.
Note - This macro action will hide the entire message. However, the username and any message properties applied will remain visible. - Once the message is retracted, you can not see the entire message again. |
Obfuscation of PII content
You can remove the sensitive information by configuring an inbound or queue rule and add the action to mask the matched terms with any symbol as desired. It is important to note that this is a one-way process, and the information cannot be restored.
1) Click the New Tab icon. Under Governance Console, click Rule Engine within Collaborate.
2) Create an Inbound or Queue rule in the Rule Engine.
3) While configuring a rule condition in the Edit Condition pane, select Account from the Condition drop-down menu under Condition Applies to The properties of the Message and select the account(s) containing sensitive information.
4) While configuring a rule action in the Edit Action pane, select Search Pattern and take action from the Action drop-down menu under Actions to Change properties of Message and set its value as Yes.
5) In the associated Text field, enter the specific search regex pattern (i.e. a specific sequence of ASCII or unicode characters) of sensitive information.
6) Next, click Add Action and add the Mask matched terms action as asterisks ****. You can add the any symbol as desired.
7) Click Save at the bottom-right.