Skip to main content

How to Share Sensitive, Secret, or PII with Arc Customer Support - Keybase.io

The vast majority of issues reported to Arc Customer Support (ACS) do not require the sharing of sensitive information to resolve. Information of a sensitive nature, like usernames, passwords, and private key files, should NEVER be included in a support ticket, comment, or attached file. Doing so may result in the immediate revocation of the disclosed credentials, loss of access to the ACS portal (to prevent further incidents), and it may be a violation of an agreement your organization has with a third party. Depending on the laws of your country, sharing this information could even be a crime.

If we do need your secrets, we'll ask

There are, of course, some occasions when we need the sensitive information to help you with your issue. In those cases, we ask you to follow the procedures outlined in this document.

Alternatives to sharing sensitive information

In many cases, you can give us enough information to work through an issue or identify an affected user without disclosure. For example:

  • If you’re having trouble accessing an API, and you’d like to share the API call you’re making, unless you’re receiving an error related to authentication, it’s likely fine to remove the auth details. If you believe this issue is an authentication problem, you can share just the first few characters of the key you’re using and <snip> the rest. That view of the key is enough for us to at least check that the key is valid.

  • If you have a customer in the Arc Subscriptions system who’s having trouble accessing your products, share their Arc UUID (their internal user ID) rather than the entire payload of the user record.

What about things that aren't really sensitive, like email addresses?

If the information being shared could be used to contact, harass, impersonate, or confuse a user when either alone or when combined with information from other sources, then it should not be included in support tickets.

Isn’t The ACS support system secure?

No. Jira Service Desk is not designed to handle personally identifying information (PII) and makes no claims to the contrary. Anyone in Arc XP and from your organization can view support tickets. Furthermore, this list of individuals changes over time. Jira Service Desk sends ticket updates through email to anyone considered a watcher on your tickets, and those emails can be forwarded.

When sharing secrets is absolutely necessary: Keybase.io

There are times when ACS must collect information that is secret. When that happens, the process is as follows:

  • ACS comments on the ticket for you to provide (or provide to you), through Keybase, specific secrets. They should reference this document in the process.

  • Keybase shares the specific secrets to the specific user receiving.

  • If enabled, the message self-deletes based on your settings. Keybase lets you define a lifespan for messages. After that time passes, Keybase deletes your messages. We recommend auto-deleting messages after 24 hours and no longer than seven days. You can also delete messages and files manually; however, that doesn't prevent things like taking screenshots, but it’s still a good practice.

When sharing secrets is absolutely necessary: Keybase.io

Getting Started With Keybase

Keybase is a tool that lets you securely share sensitive information with Arc XP. Keybase encrypts all secrets end to end, and only the individuals you choose to share it with can decrypted the messages.

Download and install Keybase

You can download Keybase from https://keybase.io/download. Follow the prompts for your platform to install. After you’re logged in to the Keybase app, you need to connect to the person you want to share information with.

  1. Click the People tab.

  2. Type the username into the search bar

  3. Click Chat.

gen_keybase_03.png

Make sure you're communicating with the correct user. In some cases, you can use the verifications in the highlighted area in the following image, but generally, see the list of Keybase usernames of Arc XP staff (next section).

gen_keybase_02.png

Sharing the information

After you connect to your ACS member, you can share secrets through chat.

gen_keybase_01.png

Every person you chat with has a folder for files that only the two of you can decrypt. If you’re in a group chat, everyone in that group can decrypt.

gen_keybase_00.png
gen_keybase_04.png
In this section: