Slack Connect: Data loss prevention

With data loss prevention (DLP) for Slack Connect, you can reduce the risk of sharing confidential, malicious, or personally identifiable information with people from external organisations. DLP for Slack Connect scans messages and files sent by members of your organisation in channels and direct messages (DMs) for content that violates the rules you set. 

How it works

  • Org primary owners and members with the roles admin system role can assign the DLP admin system role to members. 
  • DLP Admins can create customised rules using regex or choose from several preconfigured rules to scan for messages in Slack that may require administrative action.
  • DLP admins will receive a daily summary of rule violations via Slackbot and can take action on flagged messages and files from the DLP dashboard. 

 

Create DLP rules

You can write your own custom rules or choose from several preconfigured rules to scan Slack for data like credit card numbers or personally identifiable information. When creating a rule, DLP admins can choose to take one of the following actions when a rule is violated:

  • Display DLP dashboard alert only 
  • Show a warning to members who violate a DLP rule
  • Hide (or ‘tombstone’) messages or files until they can be reviewed
  1. From your desktop, click your organisation name in the sidebar.
  2. Hover over Tools & settings from the menu, then click Organisation settings.
  3. Click  Security in the left-hand sidebar, then choose Data loss prevention.
  4. Click Create rule in the top-right corner.
  5. Under Rule name, choose a name for your rule.
  6. Select an option from the drop-down menu to choose a preconfigured rule or click Use custom regular expression and enter a regex string that you’d like to track.
  7. Click Next.
  8. Choose whether your rule applies to your entire organisation or specific workspaces, then click Save Rule

Note: Preconfigured DLP rules have been developed by Slack using algorithms based on industry best practices. Please note that preconfigured rules may not detect all targeted data and conversely, they may detect false positives.

 

Manage DLP rules

You can edit a DLP rule to change it or deactivate a rule you no longer need.

  1. From your desktop, click your organisation name in the sidebar.
  2. Hover over Tools & settings from the menu, then click Organisation settings.
  3. Click  Security in the left-hand sidebar, then choose Data loss prevention.
  4. Under the Rules tab, click the   three dots icon next to the rule that you'd like to change. 
  5. Choose Edit or Deactivate and follow the prompts.  
  6. Click Save rule or Deactivate to finish.


Manage DLP rule violations

When a member of your organisation sends a message that violates a DLP rule, you’ll see an alert in the Slack DLP dashboard. From the dashboard, you can then archive the alert, delete the message or restore the message (if it was hidden). Remember that alerts expire after 90 days and will be removed from the DLP dashboard.

  1. From your desktop, click your organisation name in the sidebar.
  2. Hover over Tools & settings from the menu, then click Organisation settings.
  3. Click  Security in the left-hand sidebar, then choose Data loss prevention.
  4. Under the Alerts tab, click on a flagged message. 
  5. Click Manage in the top-right corner and select an action.

Note: Slackbot will notify people if their flagged messages or files are deleted.

Who can use this feature?
  • Members with the DLP admin system role
  • Available on the Enterprise Grid subscription