Sensitve Data on Attachment


I am building out some forms for administrative processing, and one policy requirement is that the customer attach a document with sensitive data to the cooresponding form.

I was looking for clarification as to the level of security provided with an attachment. 

Would users beyond the responsible group have any way of viewing these attachments?

Are there any other data security issues with this approach?


Thank you for your time!


Tags security attachments
Asked by Nick Durr on Wed 8/7/19 1:13 PM
Sign In to leave feedback or contribute an answer

Answer (1)

This answer has been marked as the accepted answer
Marcus Demas Wed 8/7/19 2:15 PM

Hello Nick, 

Attachments really do not have any security around them. If someone can get to the ticket, they would theoretically be able to see the attachment and the data inside the attachment. This includes TDNext users who have access to the ticketing app where the ticket resides, as well as anyone in TDClient where whol fills the role of requestor and/or creator and/or a contact on that ticket. TDAdmin users, aka admins would also be able to the attachment. We may be able to support that requirement, but you'd need to make sure those elements are accounted for. 

Does this help/make sense?

1 of 2 users found this helpful.
Yes. That does make sense.

Thank you for your prompt response.
- Nick Durr Wed 8/7/19 3:53 PM
As a follow up question, are there any file integrations for uploading attachments that could serve as a restricted repository of attachments, or are the file integrations all centralized around the briefcase? - Nick Durr Wed 8/7/19 4:24 PM
I am afraid that is not helpful for us. It has its value, but not so much to aid us in our goal here. - Marcus Demas Thu 8/8/19 4:45 PM