Email Sync Leading to Sensitive Emails Getting Posted

Hello, has anyone else found an issue with email sync where ALL emails will get posted to your company's Account record on the history tab? Since all internal employees are part of our company's account, this means if our employees sync our O365 email accounts with bpm'online, then ALL emails are visible to ALL employees. This could be problematic if a manager is using email to discuss one of their employees compensation or performance.

Does anyone have any suggestions how to avoid this issue?

We like email sync for the visibility and history of communication between our company employees and our clients. However the caveat of intra-company emails being seen by all is not ideal.

Like 0

Like

8 comments

Dear Mitch,

There is no such out-of-the-box functionality that wold record the emails on the Our Company account. It seems like you have some custom Email detail that is based on Contact object. The default settings are as follows http://prntscr.com/nfuwza

Most likely the current one is based on contact object. Please make sure you have the correct detail. 

Best regards,

Dean

Dean Parrett,

We are using the out of the box email detail, the same as what you show in your screenshot. Since I am a contact in our instance, and my company is my account connected to my contact record, any email that syncs from my O365 outlook account to bpm is shown in the email detail on the account page history tab. Access for all of our users is open for accounts and contacts, this means every user can see every email for everyone. For this reason we have stopped using email sync and have instead started using the SmartCloud Connect Marketplace Add-in for Outlook.

Dear Mitch,

We've tried to recreate the same behavior but no emails getting posted in the account history. In this respect, I'd like to suggest you to approach our support team via support@bpmonline.com and investigate the issue in your particular environment.

Best regards,

Dean

Dean Parrett,

I can do that, but isn't this very basic functionality of bpm? If a email enters bpm'online via email sync, and sender's email belongs to a contact in the system, the email gets recorded as an email type activity and that activity record automatically inherits the connections of the contact and account.

We rely on this functionality for case creation, if a contact sends an email to create a case, the case gets created and the contact and account columns get filled in automatically. The problem is this also leads to our own internal emails all getting recorded if we use email sync for our own internal email accounts.

Dear Mitch,

Yes, linking the emails is a basic functionality but the problem here might be in the access rights. Therefore, it is better to approach our support team to have a closer look into the permissions settings to make sure you are provided with the correct solution. Also there might be a change that indeed it is some bug and we would need to investigate it.

Best regards,

Dean

Mitch Kaschub,

Hey Mitch - wondering what was the outcome of this? We are seeing similar issues on our side. 

Hi Alex, here is the resolution provided to me from my support case I had opened:

"Dear Mitch,

There is a feature called MailboxRightsForEmail. This feature divides emails and activities and grant different rights for them. This feature is currently disabled so all emails have the same access rights as activities - thus all users can see all emails. We can enable it on your instance but it will lead to mass data loss if the access rights are not set up. By saying that I mean that if there are users who must see certain emails they will not see it anymore if mailbox is not shared. So before we enable that feature please go through all mailboxes that exist in the system and make sure that all users have proper access rights for them."

 

I intend to explore this feature in a test environment to see how to use it and how well it works. In the interim, our solution is to use the outlook Add-in called "Smartcloud Connect for bpmonline" where users can push one specific targeted email to bpm from their outlook mailbox.

Alex Zarate,

see response above.

Show all comments