Slack data loss prevention
With data loss prevention (DLP) for Slack, you can reduce the risk of sharing confidential, malicious, or personally identifiable information in your Slack organization. Slack DLP scans messages, text-based files, and canvases sent by members of your organization for content that violates rules you create.
How it works
- Org Primary Owners and members with the Roles Admin system role can assign the DLP Admin system role to members.
- DLP Admins can create customized rules using regex, or choose from several preconfigured rules to scan for messages and files in Slack that may require administrative action. Rules can be further customized to apply only in Slack Connect conversations and to specific workspaces in your Enterprise Grid organization.
- DLP Admins will receive a daily summary of rule violations via Slackbot and can take action on messages and files from the DLP dashboard.
Note: Canvases in Slack Connect conversations won’t be scanned by DLP.
Create DLP rules
You can write your own custom rules or choose from several preconfigured rules to scan Slack for data like credit card numbers or personally identifiable information. When creating a rule, DLP Admins can choose to take one of the following actions when a rule is violated:
- Display DLP dashboard alert only
- Show a warning to members who violate a DLP rule*
- Hide (or “tombstone”) messages or files until they can be reviewed
* Member warnings can’t be displayed on canvases that violate a DLP rule.
- From your desktop, click your organization name in the sidebar.
- Hover over Tools & settings from the menu, then click Organization settings.
- Click Security in the left sidebar, then choose Data loss prevention.
- Click Create Rule in the top-right corner.
- Under Rule name, choose a name for your rule.
- Select an option from the drop-down menu to choose a preconfigured rule or click Use custom regular expression and enter a regex string you’d like to track.
- Select an Action to take and (if applicable) customize the text that appears when your rule is violated, then click Next.
- Choose whether your rule applies to Slack Connect conversations, then choose if you’d like to limit your rule to specific workspaces in your grid org.
- Click Save Rule to finish.
Note: Preconfigured DLP rules have been developed by Slack using algorithms based on industry best practices. Please note that preconfigured rules may not detect all targeted data and conversely, they may detect false positives.
Manage DLP rules
You can edit a DLP rule to change it, or deactivate a rule you no longer need.
- From your desktop, click your organization name in the sidebar.
- Hover over Tools & settings from the menu, then click Organization settings.
- Click Security in the left sidebar, then choose Data loss prevention.
- Under the Rules tab, click the three dots icon next to the rule you'd like to change.
- Choose Edit or Deactivate and follow the prompts.
- Click Save Rule or Deactivate to finish.
Manage DLP rule violations
When a member of your organization sends a message that violates a DLP rule, you'll see an alert in the Slack DLP dashboard. From the dashboard, you can then archive the alert, delete the message, or restore the message (if it was hidden). Remember that alerts expire after 90 days and will be removed from the DLP dashboard.
- From your desktop, click your organization name in the sidebar.
- Hover over Tools & settings from the menu, then click Organization settings.
- Click Security in the left sidebar, then choose Data loss prevention.
- Under the Alerts tab, click on a flagged message.
- Click Manage in the top-right corner and select an action.
Note: Slackbot will notify people if their flagged messages or files are deleted.
- Members with the DLP Admin system role
- Available on the Enterprise Grid plan