Sensitive data (Credit Cards, Social Security, etc) Searching and Filtering

(0) Share

Report

Posted on by Community Member

We are migrating to a new CRM Online instance and one of our obstacles is how best to prevent accidental entry of things like credit card numbers by sales team members into fields the data should not be. Typically happens in notes fields, tracked emails, etc.

Is anyone aware of tools or plugins that make this kind of searching/alerting possible or other means to help mitigate the issue other than strong policies and staff training.

Thanks!

*This post is locked for comments

I have the same question (0)

All responses (6)

Answers (0)

Community Member on at

Like (0)

Report

When you say "to prevent accidental entry of things like credit card numbers by sales team members into fields the data should not be" I hope you mean:

"to prevent accidental entry of things like credit card numbers by sales team members into CRM, or anywhere near it at all". You should never be saving this kind of sensitive data into a database that has no encryption.

Was this reply helpful? Yes No
Community Member on at

Like (0)

Report

That is a much better phrasing, but yes we are trying to prevent that kind of entry. Removing numerical keys from the keyboard is the next step.

Was this reply helpful? Yes No
Community Member on at

Like (0)

Report

Good point Adam but stating that this kind of sensitive data should never be stored in an non-encrypted DB is one thing (via written corporate policy), but how to does IT police such a statement when users can easily circumvent the policy without Admin knowledge.

Was this reply helpful? Yes No
Community Member on at

Like (0)

Report

I agree, but I wanted to make sure we were answering the right question before we started. I wonder if you could use some scripts to look in obvious text fields (description, notes, whatever the label on them might say - long text fields in general), and use something like regex expressions to find sequences of (for example) more than four digits, with or without spaces but no other characters (to distinguish from dates, for example). Run checks when the data is filled in, rather than later. Don't just prevent the save, but audit the non-compliance (save some metadata somewhere about who triggered the rule and when. DON'T include the offending string!!!)

Was this reply helpful? Yes No
Suggested answer

Community Member on at

Like (0)

Report

To avoid this issue, try to use field level security, so it can only available for certain users/teams not all users/teams.

Was this reply helpful? Yes No
Community Member on at

Like (0)

Report

Good suggestions. Saving information about the non-compliance is key for follow-up enforcement.

Coming from on-prem, where we could query the database itself, I'm still learning how the online version works. It seems like there isn't any existing solution to regex through the backend data for offending entries.

Was this reply helpful? Yes No

Community site session details

Sensitive data (Credit Cards, Social Security, etc) Searching and Filtering

Helpful resources

Quick Links

Responsible AI policies

Neeraj Kumar – Community Spotlight

Congratulations to the November Top 10 Community Leaders!

Leaderboard > 🔒一 Microsoft Dynamics CRM (Archived)

Featured topics

Product updates

Community site session details

Sensitive data (Credit Cards, Social Security, etc) Searching and Filtering

Helpful resources

Quick Links

Responsible AI policies

Neeraj Kumar – Community Spotlight

Congratulations to the November Top 10 Community Leaders!

Subscribe to this forum!

Select categories

Leaderboard > 🔒一 Microsoft Dynamics CRM (Archived)

Featured topics

Product updates