
The Essential Guide to Slack Data Loss Prevention (DLP)

by isaacmadan Published Dec 27, 2021

How to implement data loss prevention (DLP) on Slack, and detect leakage of sensitive data across any Slack workspace.

What is Data Loss Prevention (DLP)?

DLP ensures confidential or sensitive information (like credit card numbers, PII, and API keys) isn’t shared outside of Slack by scanning for content within messages and files that break predefined policies.

DLP is important for both security and compliance reasons. With DLP in place, you’ll be able to:

  • Protect users from accidentally or intentionally sharing sensitive information.
  • Train and coach users on your data sharing policies.
  • Ensure compliance with HIPAA, PCI, GDPR, and more.
  • Prevent toxic behavior such as profanity.
  • Reduce manual time spent reviewing content shared in Slack.

Does Slack have DLP functionality built-in?

No, Slack relies on third-party apps (like Nightfall) to provide DLP functionality in Slack. Nightfall is a Slack DLP partner.

If HIPAA compliance applies to your organization, it is important to note that a DLP solution is required in order to use Slack in a HIPAA-compliant way.

How do I implement DLP on Slack?

  • You can implement DLP via third-party vendors that either (a) connect directly as a Slack bot (aka “cloud DLP” or “API-driven DLP”), (b) install as an endpoint agent on user devices (aka “endpoint DLP”), or (c) install as a network agent to scan for Slack-related traffic (aka “network DLP”).
  • The Slack bot modality is recommended because it has no impact on end-users, will work regardless of the end-user’s device or network, has the full context provided by the Slack API, and provides the ability to remediate sensitive data directly in Slack.
  • Nightfall installs as a Slack bot, which means it can be added in seconds to your Slack account. Nightfall connects to Slack directly over Slack’s APIs.
  • No additional setup, tuning, or installed agents are required.

Does DLP work on any Slack plan?

Many DLP solutions don’t support every Slack plan. Nightfall is the first DLP solution to support any Slack plan:

  • Nightfall Pro is designed for Slack Free, Pro, and Business+ plans. You’ll be able to scan all public channels.
  • Nightfall Enterprise is designed for Slack Enterprise plans. You’ll be able to scan the entire Slack organization via Slack’s Discovery API. This includes all public & private channels, groups, and direct messages.

Can DLP scan my entire Slack organization?

  • Scanning your entire Slack organization means scanning all messages & files in all public, private, and shared channels, and all groups & direct messages.
  • If you wish to scan your entire Slack organization, the key things you’ll need are:
    • A DLP solution that is a Slack Enterprise partner
    • Access to the Slack Discovery API
  • It’s important to note that only official Slack DLP partners like Nightfall are able to connect to Slack via their Discovery API.
  • The Slack Discovery API is included in Slack Enterprise plans. Even if you have a Slack Enterprise plan, the Discovery API may not be enabled by default. To enable the Discovery API or check if you have it enabled on your plan, contact Slack.

What is Slack Connect?

  • Slack Connect takes the concept of shared channels – channels where companies that interact frequently can collaborate – to the next level, offering a way for up to 20 organizations to work together over chat, and more. If your organization needs to share data frequently with those outside your organization, Slack Connect might be a good option.
  • DLP becomes even more important when Slack Connect is enabled because users can now easily share confidential data with external users directly within Slack. External channels can be easily confused with internal ones. Accidental data sharing in shared channels is common.

What Slack plan do I have?

  • You can find out which Slack plan you are on by navigating to your Admin settings at {your-Slack-subdomain}.slack.com/home
  • Under the Billing tab, you’ll see the name of your plan. For example, you’ll see a line like: “Your workspace is on the Pro plan.”

What is Nightfall?

  • Nightfall is a platform to discover, classify, and protect sensitive data across cloud SaaS & data infrastructure via machine learning.
  • Nightfall’s Slack bot helps you instantly add DLP functionality to Slack.
  • The bot detects sensitive data in files & messages in real-time. Get alerted & take remediative action directly within Slack.
  • Nightfall supports compliance efforts with PCI, GDPR, HIPAA, CCPA, SOX, and many others.

How does Nightfall work?

  • Discover: Continuously monitor sensitive data that is flowing into and out of files & messages in Slack.
  • Classify: Machine learning classifies your sensitive data & PII automatically, without prior tuning or tagging, so nothing gets missed.
  • Protect: Take manual actions or set up automated DLP workflows for quarantines, deletions, alerts, and more – saving you time and keeping your business safe.

Key Benefits of Nightfall

  • Install in minutes – no setup, tuning, or agents required.
  • Leverage pre-trained, standard detectors out of the box for PII, PHI, PCI, credentials & secrets, and more.
  • Customize Nightfall detectors and build your own detectors.
  • Create highly configurable policies that apply different detectors and rules based on channel type (public vs private vs shared), users, and more.
  • Real-time alerts directly in Slack for ease of use.
  • Integrate with multiple SaaS applications like Google Drive, Jira, and GitHub, and use the same detection settings across them.
  • Enterprise-grade security including TLS and AES256 encryption and SOC 2 Type compliance. Nightfall also fits in your security workflow by integrating with products like your SIEM, issue tracking, and more.
  • Detailed Help Center, high-touch support, and dedicated customer success manager.

What does DLP detect?

  • DLP solutions should be equipped to scan a broad set of data types, including personally identifiable information (PII), protected health information (PHI), finance and payment card information (PCI), health, networking, credentials and secrets (API keys, cryptographic keys), and more.
  • Nightfall comes with pre-built detectors out of the box that cover a comprehensive set of data types, industries, and geographies.
  • Nightfall provides the ability to add in custom detectors, rules, keywords, and regexes as well.
  • Review our list of Detectors and learn more about them in our Help Center.
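
To make the detector and policy ideas above concrete, here is an added example (not Nightfall's code or API) of regex detectors with a Luhn validator, applied under a per-channel-type policy. The policy table, field names and sample messages are constructed assumptions; an unknown channel type falls back to the strictest rule.

```python
import re

def luhn_ok(candidate: str) -> bool:
    """Luhn checksum: filters out digit runs that are not card numbers."""
    digits = [int(c) for c in candidate if c.isdigit()]
    total = 0
    for i, d in enumerate(reversed(digits)):
        if i % 2 == 1:                      # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return len(digits) >= 13 and total % 10 == 0

# Detector name -> (pattern, optional validator applied to each regex hit).
DETECTORS = {
    "credit_card": (re.compile(r"\b(?:\d[ -]?){12,18}\d\b"), luhn_ok),
    "aws_access_key_id": (re.compile(r"\bAKIA[0-9A-Z]{16}\b"), None),
}

# Hypothetical policy: remediation action per channel type.
POLICY = {
    "private": {"detectors": list(DETECTORS), "action": "alert"},
    "public":  {"detectors": list(DETECTORS), "action": "delete"},
    "shared":  {"detectors": list(DETECTORS), "action": "quarantine"},
}

def scan_message(msg: dict) -> list:
    # Missing or unknown channel type: fail closed to the shared-channel rule.
    rule = POLICY.get(msg.get("channel_type"), POLICY["shared"])
    findings = []
    for name in rule["detectors"]:
        pattern, validator = DETECTORS[name]
        for m in pattern.finditer(msg["text"]):
            value = m.group(0)
            if validator and not validator(value):
                continue                    # regex hit, but fails validation
            findings.append({"ts": msg["ts"], "detector": name, "action": rule["action"],
                             "redacted": "*" * (len(value) - 4) + value[-4:]})
    return findings

def scan_all(messages: list) -> list:
    return [f for msg in messages for f in scan_message(msg)]

# Constructed sample messages (not real Slack API payloads).
SAMPLE_MESSAGES = [
    {"ts": "1001", "channel_type": "shared", "text": "Use card 4111 1111 1111 1111 for the invoice"},
    {"ts": "1002", "channel_type": "public", "text": "Order ref 1234 5678 9012 3456 shipped"},
    {"ts": "1003", "channel_type": "private", "text": "key is AKIAIOSFODNN7EXAMPLE"},
    {"ts": "1004", "text": "card 4111-1111-1111-1111"},
]

if __name__ == "__main__":
    for finding in scan_all(SAMPLE_MESSAGES):
        print(finding)
```

The 16-digit order reference matches the card regex but is dropped by the Luhn check, which is the kind of validation that keeps alert volume manageable.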

Does DLP scan files too?

  • You’ll want a DLP solution that scans both files & messages.
  • Nightfall supports a broad set of file types including but not limited to xls/xlsx, doc/docx, csv, plain text, ppt/pptx, PDF, HTML, and more.

How do I get started?

About Nightfall

Nightfall is the industry’s first cloud-native DLP platform that discovers, classifies, and protects data via machine learning. Nightfall is designed to work with popular SaaS applications like Slack, Google Drive, GitHub, Confluence, Jira, and many more via our Developer Platform. You can schedule a demo with us below to see the Nightfall platform in action.

Schedule a Demo

Select a time that works for you below for 30 minutes. Once confirmed, you’ll receive a calendar invite with a Zoom link. If you don’t see a suitable time, please reach out to us via email at sales@nightfall.ai.
