With data loss prevention (DLP) for Slack Connect, you can reduce the risk of sharing confidential, malicious, or personally identifiable information with people from external organizations. DLP for Slack Connect scans messages and files sent by members of your organization in channels and direct messages (DMs) for content that violates the rules you set.
DLP Admins can create customized rules using regex, or choose from several preconfigured rules to scan for messages in Slack that may require administrative action.
DLP Admins will receive a daily summary of rule violations via Slackbot and can take action on flagged messages and files from the DLP dashboard.
Create DLP rules
You can write your own custom rules or choose from several preconfigured rules to scan Slack for data like credit card numbers or personally identifiable information. When creating a rule, DLP Admins can choose to take one of the following actions when a rule is violated:
Hide (or “tombstone”) messages or files until they can be reviewed
From your desktop, click your organization name in the sidebar.
Hover over Tools & settings from the menu, then click Organization settings.
Click Security in the left sidebar, then choose Data loss prevention.
Click Create Rule in the top-right corner.
Under Rule name, choose a name for your rule.
Select an option from the drop-down menu to choose a preconfigured rule or click Use custom regular expression and enter a regex string you’d like to track.
Click Next.
Choose whether your rule applies to your entire organization or specific workspaces, then click Save Rule.
Note: Preconfigured DLP rules have been developed by Slack using algorithms based on industry best practices. Please note that preconfigured rules may not detect all targeted data and conversely, they may detect false positives.
Manage DLP rules
You can edit a DLP rule to change it, or deactivate a rule you no longer need.
From your desktop, click your organization name in the sidebar.
Hover over Tools & settings from the menu, then click Organization settings.
Click Security in the left sidebar, then choose Data loss prevention.
Under the Rules tab, click the three dots icon next to the rule you'd like to change.
Choose Edit or Deactivate and follow the prompts.
Click Save Rule or Deactivate to finish.
Manage DLP rule violations
When a member of your organization sends a message that violates a DLP rule, you'll see an alert in the Slack DLP dashboard. From the dashboard, you can then archive the alert, delete the message, or restore the message (if it was hidden). Remember that alerts expire after 90 days and will be removed from the DLP dashboard.
From your desktop, click your organization name in the sidebar.
Hover over Tools & settings from the menu, then click Organization settings.
Click Security in the left sidebar, then choose Data loss prevention.
Under the Alerts tab, click on a flagged message.
Click Manage in the top-right corner and select an action.
Note: Slackbot will notify people if their flagged messages or files are deleted.