Slack Connect: Data loss prevention

With data loss prevention (DLP) for Slack Connect, you can reduce the risk of sharing confidential, malicious or personally identifiable content with people from external organisations. DLP for Slack Connect scans messages and files sent by members of your organisation in channels and direct messages (DMs) for content that violates custom rules that you create.

How it works

  • Org primary owners and members with the roles admin system role can assign the DLP admin system role to members. 
  • DLP admins can create custom rules using regular expression (regex) format that will flag messages or files for administrative action. 
  • DLP admins will receive a daily summary of rule violations via Slackbot and can take action on flagged messages and files from the DLP dashboard. 

Tip: You can use DLP for Slack Connect in conjunction with third-party solutions supported by the Discovery API.

 

Create DLP rules

When creating a rule, you can choose from the following actions to take when a rule is violated: 

  • Alert only 
  • Hide (or ‘tombstone’) messages or files until they can be reviewed
  • Show a warning to members that violate a DLP rule
  1. From your desktop, click on your workspace name at the top left.
  2. Select Settings & administration from the menu, then click on Organisation settings.
  3. Click  Security in the left-hand column, then choose Data loss prevention.
  4. Click Create rule in the top-right corner.
  5. Under Rule name, choose a name for your rule.
  6. Under Regular expression, enter a string that you’d like to track and select an Action to take when the rule is triggered.
  7. Click on Save.

 

Manage alerts

When a member of your organisation sends a message that violates a DLP rule, you’ll see an alert in the Slack DLP dashboard. From the dashboard, you can then archive the alert, delete the message or restore the message (if it was hidden).

  1. From your desktop, click on your workspace name at the top left.
  2. Select Settings & administration from the menu, then click on Organisation settings.
  3. Click  Security in the left-hand column, then choose Data loss prevention.
  4. Under the Alerts tab, click on a flagged message. 
  5. Click Manage in the top-right corner and select an action.

Note: Slackbot will notify people if their flagged messages or files are deleted.

Who can use this feature?
  • Members with the DLP admin system role
  • Available on the Enterprise Grid subscription

With data loss prevention (DLP) for Slack Connect, you can reduce the risk of sharing confidential, malicious or personally identifiable content with people from external organisations. DLP for Slack Connect scans messages and files sent by members of your organisation in channels and direct messages (DMs) for content that violates custom rules that you create.

How it works

  • Org primary owners and members with the roles admin system role can assign the DLP admin system role to members. 
  • DLP admins can create custom rules using regular expression (regex) format that will flag messages or files for administrative action. 
  • DLP admins will receive a daily summary of rule violations via Slackbot and can take action on flagged messages and files from the DLP dashboard. 

Tip: You can use DLP for Slack Connect in conjunction with third-party solutions supported by the Discovery API.

 

Create DLP rules

When creating a rule, DLP admins can choose to take one of the following actions when a rule is violated:

  • Display DLP dashboard alert only 
  • Show a warning to members who violate a DLP rule
  • Hide (or ‘tombstone’) messages or files until they can be reviewed
  1. From your desktop, click your organisation name in the sidebar.
  2. Select Tools & settings from the menu, then click Organisation settings.
  3. Click  Security in the left-hand sidebar, then choose Data loss prevention.
  4. Click Create rule in the top-right corner.
  5. Under Rule name, choose a name for your rule.
  6. Under Regular expression, enter a string that you’d like to track, and select an Action to take when the rule is triggered.
  7. Click Next.
  8. Choose whether your rule applies to your entire org or specific workspaces, then click Save rule

 

Manage DLP rules

Once a DLP rule is created, you can edit it to make changes. If you no longer need a rule, you can deactivate it. 

  1. From your desktop, click your organisation name in the sidebar.
  2. Select Tools & settings from the menu, then click Organisation settings.
  3. Click  Security in the left-hand column, then choose Data loss prevention.
  4. Under the Rules tab, click the   three dots icon next to the rule that you'd like to change. 
  5. Choose Edit or Deactivate and follow the prompts.  
  6. Click Save rule or Deactivate to finish.


Manage alerts

When a member of your organisation sends a message that violates a DLP rule, you’ll see an alert in the Slack DLP dashboard. From the dashboard, you can then archive the alert, delete the message or restore the message (if it was hidden).

  1. From your desktop, click your organisation name in the sidebar.
  2. Select Tools & settings from the menu, then click Organisation settings.
  3. Click  Security in the left-hand column, then choose Data loss prevention.
  4. Under the Alerts tab, click on a flagged message. 
  5. Click Manage in the top-right corner and select an action.

Note: Slackbot will notify people if their flagged messages or files are deleted.

Who can use this feature?
  • Members with the DLP admin system role
  • Available on the Enterprise Grid subscription