Slack Configurations

How to configure your Slack integration

There are several settings you can configure to personalize your Slack integration to suit your business needs.

In this guide, we'll go over these settings and how to set them up.

To see how to enable Slack, please click here.

You may see a "Fix Permissions" button in your Slack page. If you're having issues with notifications or any other area of the Slack integration, please click this button to restore any permissions that could be causing the problem.

Login Tracking

Enable this setting if you'd like CultureAI to monitor Slack logins, to report on software versions of Slack being used in case employees are using an out-of-date version of Slack, or if an unknown login has been detected.

MFA Tracking

If you'd like CultureAI to report on employees logging into Slack without using MFA, enable this setting.

Channels

There are two ways our Security Bot can join your public channels.

The SlackBot has some standard messages it will send when interacting with channels. These messages are required by Slack and we are not able to prevent them from being sent. Messages that will be sent are;

  • A message when joining a channel
  • A message when leaving a channel
  • A message when attempting to join a channel that they're blocked from joining (for example, if someone tags the SlackBot in a channel that they are blocked from joining)

Automatic Joining

Our Security Bot will automatically join all new channels. If you have this enabled, please note that if you remove a bot from a channel, it will attempt to re-join it automatically.

If you want the bot to be in all channels, minus a few, enable the automatic joining setting. Once the bot is in all channels, disable this setting and remove the bot from any unwanted channels.

Leave this setting disabled, and manually add the bot to any new channels.

Manually Adding

If you'd prefer to manually add the Security Bot to channels, disable the automatic joining setting. This will prevent the Security Bot from automatically joining any of your public channels. 

  1. Select the channel where you want to invite the Security Bot
  2. In the message field, type @ and type the bot name "Security Bot"
  3. Send the message to the channel. You will receive a pop-up dialog to help you invite the bot to the channel

Private Channels

If you'd like to invite the bot to any private channels, you will need to do this manually. Follow the above steps to add the bot to private channels.

Message Security Settings

Here you can configure your message settings. This allows the Slack integration to monitor and flag messages that may violate security patterns.

Message Reporting

This will add an option into Slack for your employees to report any messages themselves. 

This can be found by hovering over a message and clicking the three dots 'More Actions' button. Slack will only display three message shortcuts, if the reporting option doesn't show up there, click on the 'More Message Shortcuts' button. 

Message Scanning

Enable this setting if you'd like CultureAI to monitor messages sent in channels the bot is active. Any messages that trigger your secure words or patterns will be flagged up and deleted depending on your settings.

Message Storage Mode

Click the dropdown box to select what kinds of messages CultureAI will store.

CultureAI will never store the sensitive PII data, any PII will be deleted as soon as it's been processed.

  • Do not save any messages - CultureAI will not store any messages, this means you will not be able to go back and review any Slack messages via CultureAI
  • Save all messages containing PII - CultureAI will store all messages that trigger our Security Bot
  • Save only disputed messages - CultureAI will only store messages that employees dispute 

Secure Words

You can configure secure words that our Security Bot will scan messages for. This is useful if you a secret project that you don't want discussed in public channels, or any internal phrases that you don't want to be used in Slack.

Click the 'Add Secure Word' button to add a word into your Secure Word pool.

Secure Patterns

You can set up Secure Patterns for our Slack Bot to monitor. These patterns use Regex (Regular Expressions - A pattern detection language). This is useful if you have internal ID's, such as ticket numbers that may get flagged as PII if they look similar to credit card numbers, for example.

You can choose what action you want to be taken with the Regex, you can mark it is safe if you don't want it to be flagged up, or mark it as different levels of severity. 

We recommend that someone in your company that is familiar with coding and Regex creates these for you. However, if you're looking to learn how to create basic pattern strings, you can use Regex101 as a useful learning tool.

Customisation

You can change the display name, and icon of the Slack Bot, if you'd like it to fit in with your own company branding or any existing bots you have.

You can change the name by typing into the 'Security Bot name' box.

Upload a PNG or JPG image to change the Bot icon by dropping a file into the blue box, or clicking to upload a file.

Once you're done, click 'Save'

Please note that due to Slack limitations, the customisation will only appear in direct messages from the Security Bot to your employees. This is a limitation on Slacks' side that we're not able to circumvent. 

Phishing Settings

Our Slack Phishing feature is currently in Beta, if you enable Slack Phishing you may encounter bugs.

If you do encounter anything, please reach out to our support team to report this. Our support team can pass this onto our engineering team to add to their work with the Slack Phishing feature.