Using Slack to Enhance Security Blog post

Tips From the Trenches: Using Slack to Enhance Security

Slack, the popular collaboration tool, got more than its share of media attention last month. All this Slack buzz gives us an opportunity to share how we use Slack here at Code42. We’ve thoroughly vetted Slack, and rather than banning it as a security risk, we actually use the tool to enhance our security capabilities.

Why Code42 uses Slack

So, what about those security concerns? Any tool that facilitates the sharing of information brings some risk of user abuse or error , such as oversharing, mis-sharing, etc. That’s true for Slack, just as it’s true for Google Docs, Dropbox — and even, yes, Microsoft Teams. Just like our approach to data loss protection, our internal security strategy takes an honest look at risk mitigation that focuses on the biggest risks — without unnecessarily impeding productivity, collaboration and innovation. Like all our third-party vendors, we hold Slack to our rigorous vendor security standard, which includes an annual vendor security risk reassessment process. Moreover, we’ve put security controls in place that balance the need to mitigate the inherent risks of information-sharing with the productivity and innovation value of the tool itself.

How we use Slack

At Code42, nearly every employee uses Slack every day for real-time direct messaging, increasing productivity and helping us deliver on one of our core company values: Get it Done, Do it Right. The Code42 security team, in particular, leverages Slack in unique and powerful ways.  Here are a couple ways we have integrated Slack functionality to improve our internal security program:

  1. Security alert notifications: Slack’s Incoming WebHooks allow you to connect applications and services to your Enterprise Slack. We use this capability to implement security notifications tied to activities in our security applications, which are then posted in a corresponding Slack channel. This provides our security analysts and partners across the business with real-time alerts right in the application where they are already communicating and collaborating throughout the day, helping them take appropriate and timely action.

    For instance, we have created private channels to alert on critical events within different environments, such as alerts from Capital One’s Cloud Custodian. The alerts are based on policy violations that we define in YAML policy files. Cloud Custodian then alerts our team — and takes action when needed. For example, if Cloud Custodian sees an S3 bucket configured as public, it will make it private by changing permissions in the access control lists (ACLs) and bucket policies — and then notify our teams of the change via Slack as depicted below.



    Screenshot of Slack’s Incoming WebHooks tool:


  2. Security news and updates: Our security team also created a public channel (open to everyone at Code42) as a collaborative workspace for all users. The public channel enables staff to crowdsource and share security knowledge, and to have discussions around the latest security news. Anyone can post security articles, whitepapers, podcasts, blogs or news — highlighting interesting ideas — and weighing in on each other’s responses. This channel acts as a security news feed, delivering just-in-time security-related information to employees to keep them aware of the latest security threats and trends. Code42 employees also often post what they are seeing in their own news feeds as they become more security savvy.

Walking the Talk

At Code42, we talk a lot about the fundamental paradox of enterprise information security: Information-sharing is both the key to success — and the biggest risk — in organizations. The smart approach focuses on controlling the risk, so you can unlock that value. We’ve vetted Slack and put security controls in place, so we can leverage its capabilities to fuel collaboration, enhance productivity and improve our internal security capabilities. Slack integrates with our security tools for real-time alerting and allows us to quickly disseminate security knowledge throughout the organization. Our internal use of Slack demonstrates how we walk the talk in our own approach to information security.

Join Code42 at Evolution18

Ready to take your Code42 administration skills to the next level? Join us April 9-11, 2018, at the Westin St. Francis in San Francisco for Evolution, our annual education conference. At Evolution18, you’ll hear the latest on all the most important topics in data security, connect with industry experts, learn from the pros in our 30+ breakout sessions, get certified on Code42 administration – and you’ll have a pretty good time while doing it all!

For Code42 administrators, Evolution18 presents a valuable opportunity to learn the latest information and best practices in endpoint data protection, visibility and recovery, including the opportunity for instructor-led product trainings and certification. Some of the scheduled sessions include “How Industry Leaders are Approaching Threat Hunting,” “Running the Business vs. Building the Business: An IT Leader’s Guide to Demonstrating Business Value,” “How Code42 Uses Code42: Our Insider Tips and Tricks” and many more.

Evolution18 also presents the opportunity to hear from some of the thought leaders in the cybersecurity space. We are especially thrilled to hear from our just-announced guest keynote speaker, Theresa Payton. Whether you know her as the star of the CBS series “Hunted” or as the first woman to serve as White House chief information officer, her varied and unique experiences will certainly make for a can’t-miss keynote speech.

“We are thrilled to bring together customers for our annual conference, which has become a destination for the latest in data security education and Code42 product certifications,” said Joe Payne, president and CEO of Code42. “Our event draws IT and security thought leaders in charge of protecting some of the world’s most recognized brands. Attendees will hear from industry experts, like Theresa Payton, and discover ways to address some of the most important and complex data security challenges facing organizations today.”

We hope you can join us for Evolution18 this April in San Francisco. In addition to the opportunity to get certified in Code42 administration, the conference is always a great opportunity to connect with peers, industry insiders and Code42 employees. Plus, we always have a few special surprises in store for guests! Highlights from last year’s event included a welcome reception inspired by the foods of different San Francisco neighborhoods, a ping pong party with customized graffiti-tagged paddles, a claw machine loaded with Code42 swag and much more!

Watch the highlights from Evolution17, including the welcome reception and day 1 events.