IT Automation with Slack: File Security, Least Privilege Access, and War Rooms
October 20, 2022
3 minute read
In our last post about IT automation with Slack, we highlighted three easy use cases that anyone on your IT team can start automating right away. However, that is far from everything you can automate with BetterCloud and Slack! In this article, we’ll dive into three more automated workflows you can create to not only save time but also improve your security posture.
Slack is a robust tool for real-time collaboration. Beyond just chat, it offers video conferencing, file sharing, and much more. This makes it a very important app to keep secure. You want to keep the number of admins to a minimum, as well as make sure well-meaning employees don’t accidentally use Slack to cause a data breach. In this article, we’ll show you how to leverage automation to tackle both of those problems.
For immediate collaboration across locations and time zones, there are few apps better suited than Slack. For workplaces with distributed teams, Slack can become a key part in IT’s security incident response toolkit. When an incident occurs, private Slack channels can be used to create virtual war rooms to quickly share information and coordinate a response. Below, we’ll dive into how to create a war room with just a click, using an automated workflow in BetterCloud.
#1. Automatically remove shared file links when PII is detected
File security is not often top of mind when you think of Slack. But Slack’s robust integration with Google Drive and other file-sharing apps makes it easy for a well-meaning employee to inadvertently cause a data breach. All they have to do is create a file, add in personal or proprietary data, and add it to Slack. With just one more click, they can share it with the person they are chatting with—or even an entire channel!
With BetterCloud and Slack, you can set up alerts that let you know the minute someone shares a file that contains personal or proprietary information.
For certain types of information, you can go a step further to automatically remediate the threat. You can build an alert-based workflow that immediately removes the shared file link in Slack, so the file can no longer be accessed.
Beyond just Slack, BetterCloud also integrates with Google Drive, DropBox, and other file-sharing apps to take even more remediation steps automatically. Check out our “how-to” on automating file security to learn more.
#2. Automatically disable or delete new super admin accounts
Enforcing a least privilege access policy can be very difficult in a SaaS-filled IT environment. When multiple IT team members need to access an app like Slack to make high-level changes, you can end up with multiple accounts, all with high-level administrative access. However, the more of these accounts you have, the more chances there are that one of them could become compromised.
BetterCloud helps enforce least privilege access in multiple ways. The first is by having your IT team use BetterCloud to administer Slack instead of logging into Slack directly.
With more than 25 actions you can take in Slack via BetterCloud’s interface, you no longer need to have multiple Slack accounts with elevated privileges.
You can also set up an alert to notify you if too many super admin accounts have been created. If your least privilege access policy states that you can have at most two super admin accounts in Slack, you can set an alert to notify you if a third account gets created. You can then create an alert-based workflow that immediately disables or deletes the new account, enforcing your policy automatically.
#3. Create a virtual war room in seconds
When a security incident occurs, there is little time to waste. Stakeholders must be notified immediately, and often, multiple teams of employees should be assembled in order to respond effectively. For today’s distributed workplaces, few tools are better suited for this type of real-time collaboration than Slack. However, if your IT team has to manually create new channels, invite members, and then notify them, you can waste critical response time.
With BetterCloud, you can set up one-click, on-demand workflows that create a virtual war room in Slack in seconds. When a security issue is detected, anyone on your IT team can click one button to instantly create a private channel, name it, invite the right stakeholders, and send them a Slack message. It can even follow up with an email notification to be sure people know where and how to assemble.
To see how easy it is to create these workflows, check out our demo video below:
Now that we’ve spent two articles discussing six use cases for IT automation with Slack, you might think we’ve run out of things you can automate. But the truth is, we’ve just scratched the surface. Inside of BetterCloud, there are 25 actions and 16 alerts you can add to workflows to automate even more with Slack. As Slack becomes everyone’s new “digital headquarters,” IT can save themselves a lot of time, remediate security threats, and improve everyone’s employee experience by automating with BetterCloud.
To see BetterCloud’s Slack integration in action, schedule a demo today.