Slack for IT and Security: 5 ways to streamline requests and incidents

Using Slack for IT and security

• 40

  hours saved per week*

• 19%

  reduced mean time to resolve incidents*

With technology moving faster than ever, companies often look to their IT department to lead the way. However, the approach to IT productivity needs an update. You can unlock new levels of performance by leveraging key automations and integrations in Slack. Streamlining the help desk experience, data monitoring, incident response and encryption keys are just some of the ways to unlock new levels of performance with Slack automations and integrations.

The future of IT productivity lies in mastering automation and AI. But before you can worry about productivity, you need to tend to the mountain of help desk requests in front of you and get that site back up and running. Let Slack help you stay adaptable as you revitalize your team’s responsiveness and job satisfaction.

Help your help desk

Challenges:

In a typical help desk scenario, your IT worker—we’ll call her Hannah—opens her work queue to see 10 of the exact requests for new laptops and five requests for application access. While looking at the work queue, Hannah gets two more new application access requests via email and direct message.

Hannah needs help with the repetition of manually managing tickets, and the influx of communication through email, DMs, and meeting invites further complicates her workload. Inefficient use of IT resources and a lack of visibility into ongoing issues leave her without time to prioritize critical incidents.

Solution:

You can help Hannah automate using:

• Immediate response to help desk requests. Huddles provide instant connection via audio, video or shared screens so your team can get more done where they’re already working to resolve an issue.
  • Hannah can use huddles to discuss things like incident response, integrations with ticket systems or security breaches.
  • When screen sharing in a huddle, IT teams can use the pencil icon to point out where to find things and provide real-time IT support for visual learners.
• Accelerated routine tasks. Slack lets you design workflows and lightweight custom apps that automate work and communications across technical and business teams. Slack features like channels, workflow builder and apps empower your help desk. Faster responses to routine issues allow more resources for complex cases. Help desks can utilize workflows in a multitude of ways.
  • When Help Desk Request channels are overwhelming, you can use workflows to automate responses to requests and ensure someone is assigned to handle them or identify if the work was already completed.
  • Help desk request forms can trigger a workflow from data in another app to reduce or eliminate the need for IT to manually ask people for more context on their request, saving time.
  • A workflow can collect information from multiple platforms and generate messages in a Platform Updates Status channel to alert the appropriate people when a platform is down. This could reduce or eliminate outage support tickets when a system goes offline.
  • Security teams could set up a workflow that creates a ticket in Asana marked “high priority” and route it to the appropriate individuals when a security issue happens. A workflow could also push an alert through a different system—text, for example—to alert the appropriate people if an issue that needs immediate attention comes in after hours.

Monitor data across systems

Challenges:

Monitoring threats across various tools can be overwhelming, impacting a team’s situational awareness and response time. Additionally, context switching between platforms slows issue resolution time. Charlie’s team needs help safeguarding the collaboration outside their organization and connecting the right people at the right time to react to threats.

Solution:

To help Charlie, you can:

• Deliver quick access to issue context. With all of your team’s tools and issue information in one central place, workload and tickets are manageable and resolved efficiently. To support your team without flooding the main incident channel, integrate apps like Jira and Salesforce or utilize Slack canvas to link to the broader incident response.
  • During a product sprint, for example, a team that wants to find the status of an issue could type the bug classification (e.g., “TIS-14”) in a Slack conversation, and the JIRA bot will instantly post a message with a basic issue summary. This eliminates the need for teams to copy and paste links and provides seamless context within an ongoing conversation.
  • IT teams can use canvas as a centralized location for people on disparate teams to share items—like software training status updates—which can be reviewed at standing meetings. A canvas could also house an FAQ on a companywide #it-problems channel to reduce IT requests that the employee could handle.

• Create dedicated Slack channels. Incident channels bring people together and deliver instant visibility. They also eliminate the need to monitor several tools across multiple screens—less context switching leads to improved efficiency. Slack Connect allows it to extend incident collaboration to vendors, partners, third-party developers and even customers in a secure place. Channel examples include:
  • #jan-12-cloud-incident
  • #platform-status-updates
  • #operations-security
  • #security-incidents
  • #all-tech-considered (a play on NPR’s “All Things Considered” that shares tech stories in the news)
• Utilize Slack app integrations. Slack provides out-of-the-box integrations with monitoring and incident response tools (PagerDuty, Datadog, AWS, etc.) that can flag when sensitive files or information are shared. Instant reactions can secure collaboration and protect data while keeping everyone connected.
• Improve processes. Multiple request sources, repetitive tasks and recurring issues leave fewer resources available for higher–priority tasks. When set up correctly, Slack channels can monitor data across systems to improve processes companywide to reduce repetitive, unfulfilling work, missed incidents and wasted IT time and resources.
  • When teams are required to jump from Slack to Asana to Google Docs, information and context can get lost. Bringing all the information and conversation into one platform saves time.
  • Teams can streamline system-down issues by automating system statuses from multiple platforms into one channel to notify the right people in real time.

Improve incident response

Challenges:

The rapid growth of best-in-class free and open-source tools creates tool overload, never-ending context switching and additional silos that slow down incident resolution. These modern API-driven architectures increase the pace and volume of software releases, eventually leading to more incidents.

Developers like Tyrese need help to assemble incident teams quickly. Getting everyone up to speed is difficult without a single source of truth. Sifting through separate emails, DMs and texts means troubleshooting happens in hours rather than minutes.

Solution:

To inspire Tyrese, you can use Slack tools to:

• Optimize incident management. Tools like huddles, Workflow Builder, Slack Connect, canvas and 2,600+ app integrations can facilitate real-time collaboration, and streamlined incident reviews and instant incident summaries. Slack timestamps and preserves actions, decisions and conversations during incidents, acting as an audit trail for incident reviews. This gives your team more time to spend innovating and less time putting out fires.
• Bring calm to the chaos with automation. An automated Slack message from AWS and PagerDuty can instantly notify your team in a #monitoring-alerts channel about a Sev1 login failure on the company’s mobile app. With the “Declare Incident” button, a responder can initiate a streamlined process, creating channels, tickets, and alerts while ensuring synchronized platform updates.
• Bookmark all relevant resources. Bookmarking resources like incident runbooks, Jira tickets, Service Cloud incidents and Zoom call links means easy access and efficient collaboration. Bookmarks also help with post-incident analysis and updates across multiple platforms.

Three simple tips for smoother incidents

1. Integrate and automate. Integrate your monitoring tools with our out-of-the-box Slack app integrations to create real-time alerts in the channels where your developers and engineers spend the most time. Next, integrate with other tools that can help you automate part or all of your incident response.
2. Use unique channels for each incident to supplement video war rooms. You don’t have to automate all steps of the process at once. If you still rely on a real-time “war room,” use consistently named channels such as #incd-240109-site-outage for each incident. Ideally, these channels are created from a workflow to supplement the tools you already use (Teams, Zoom, or even a Slack huddle). The result is incremental automation with a searchable archive of the incident.
3. Get out of DMs and use threads. Posting messages in threads will give your entire team transparency and neatly organize information so you’re not flooding the channel or overwhelming a larger team.

Enterprise Key Management (EKM)

Challenge:

Balancing robust data protection measures with a seamless user experience poses a significant challenge for security-conscious organizations. Selena wants to “bring her keys” and completely control data.

Solution:

To empower Selena, you can utilize Slack’s Enterprise Key Management (EKM) to:

• Gain complete visibility into when and where your data is accessed. Slack’s EKM provides detailed activity logs in Amazon’s AWS KMS to tell you exactly when and where your data is accessed. Encrypting and decrypting messages and files can then happen right in Slack.
• Fully manage key access. During an incident, rather than revoking access to the entire product, admins can revoke access in a granular, highly targeted manner at the organizational, workspace, channel, time frame and file levels.
• Reduce service disruption while addressing threats. That granular revocation ensures that teams continue working without interruption while admins suss out any risks.

What this means for admins and teams

You don’t have to navigate the future alone as an IT leader. Adopting features like Slack huddles, Workflow Builder and Enterprise Key Management will support your Help Desk and other IT professionals in streamlining and securing day-to-day operations.

If you have further questions, please contact our Help Center or support team.