Slack

Connecting Slack to LightBeam

Overview

LightBeam Spectra users can connect various data sources to the LightBeam application and these data sources will be continuously monitored for PII, PHI data.

Example: Slack, Gmail, MS Outlook, etc.

Connecting Slack Data Source

Login to your LightBeam Instance.
Click on DATASOURCES on the Top Navigation Bar.
Click on “Add a data source”.

Search for “Slack”.

Click on Slack.

Fill in the requested information and click on Next.

Basic Information

Data Source Name: This is the unique name given to the data source.
Description: This is an optional field needed to describe the use of this data source.
Primary Owner: Email address of the person responsible for this data source which will get alerts by default.
Entity Creation: LightBeam Spectra detects and associates attributes based on the context and identifies whose data it is; these are called entities. Example: Jane Doe is an entity for whom LightBeam Spectra might have detected Name and SSN in a monitored data source.
Source of Truth: LightBeam Spectra would have monitored data sources that contain data acting as a single point of truth and that can be used for looking up entities/attributes which help to identify if the other attributes/entities found in any other data source are accurate or not. A Source of Truth data set would create entities based on the attributes found in the data.
Location: The location of the data source.
Purpose: The purpose of the data being collected/processed.
Stage: The stage of the data source. Example: Source, Processing, Archival, etc.

Provide the credentials as shown below and click on Test Connection.

Verify that you get the message Success on the screen. Click on Next.

To get notifications for all the scanned channels, keep the default selection. To send notifications to a channel of your choice, select ‘Send Notification to specified channel’.

Now select a channel from the drop-down list.

In this step, you can choose either of two scan setting options –

i) Scan all Channels

ii) Scan selected Channels

To choose option (i), select Scan all Channels, and click on Save.

To choose option (ii), select Scan selected Channels.

Click on Add Channel to inclusion list.

Now enter the names of the channels that you would like to include for scanning in the search box individually.

Select the channels by ticking the checkboxes next to them.

Click on Save.

Additionally, as shown in Figure 5.1, the configuration settings for 'Bot notification settings' are displayed.

You can choose either of two options –

i) Send notification to scanned channels (default): Notifications will be posted in the same channel as a reply when a PII message is detected.

ii) Scan selected channels: Notifications will be sent to a specified channel with a link to the original message when a PII message is detected.

Now we are ready to browse through onboarded Slack data source dashboard.

Appendix

Registering Slack datasource with tokens

Important Notes:

Slack bot Behaviour: Channels which are configured for scanning, Slack bot will be added to that particular channels.
Workspace Permissions: These configuration steps can be performed in an existing workspace. However, keep in mind that you'll need the workspace administrator's permission to complete the installation process.
Private Channel Scanning: In order to scan private channels, you must explicitly add the bot to each individual channel. LightBeam cannot monitor private channels without this manual addition. If you do not add the bot to a private channel, it won't be visible in the configuration page for scanning.
New Channel Availability: After a new channel is created, there's approximately a 30-minute wait time before it appears in the dropdown list on the configuration page. Once it appears, you can add it to the scan list if you're using the inclusion list configuration. If you've opted for the "scan all" option, the new channel will automatically be included in the scanning process.

Creating a Slack App from a Manifest

Click on from an app manifest

Select a workspace you want to connect.

Copy the following app manifest.

{
    "display_information": {
        "name": "lightbeam-privacy"
    },
    "features": {
        "bot_user": {
            "display_name": "lightbeam-privacy",
            "always_online": false
        }
    },
    "oauth_config": {
        "scopes": {
            "bot": [
                "channels:read",
                "channels:history",
                "channels:join",
                "channels:manage",
                "chat:write",
                "files:read",
                "groups:history",
                "groups:read",
                "mpim:read",
                "groups:write",
                "im:history",
                "im:read",
                "mpim:history",
                "team:read",
                "chat:write.public",
                "users:read",
                "users:read.email"
            ]
        }
    },
    "settings": {
        "event_subscriptions": {
            "bot_events": [
                "file_created",
                "message.channels",
                "message.groups",
                "message.im"
            ]
        },
        "interactivity": {
            "is_enabled": true
        },
        "org_deploy_enabled": false,
        "socket_mode_enabled": true,
        "token_rotation_enabled": false
    }
}

Paste the copied manifest in the text box below and click on next

Access Socket Mode: Navigate to Socket Modeand look for the section titled Connect using Socket Mode.
Generate App-Level Token:

Navigate to the Basic Information menu
Scroll down to App-Level Tokens and click on Generate Token and Scope, fill the name of token and assign the connections:write permission.

Click on Generate

Copy this App Token using Copy button.

Installation of Application in Workspace:

Navigate to the Basic Information menu.
Click on Install your app to your workspace.
Select Install App (or Reinstall App if it has been previously configured). This will direct you to the My Workspace authorization page.
Click Authorize to grant permissions.

Retrieving the Slack Bot User Authorization Token:

Go to the Install App menu.
Copy the Bot User OAuth Token.

Add an app to your Slack private channels (Optional).
1. Create a private channel with the name: pii-notifications and add your bot to it.
Register Slack Data Source: Now, in your LightBeam app, register the Slack data source using the app token created in step 7 and bot token created in step 9.

About LightBeam

LightBeam automates Privacy, Security, and AI Governance, so businesses can accelerate their growth in new markets. Leveraging generative AI, LightBeam has rapidly gained customers’ trust by pioneering a unique privacy-centric and automation-first approach to security. Unlike siloed solutions, LightBeam ties together sensitive data cataloging, control, and compliance across structured and unstructured data applications providing 360-visibility, redaction, self-service DSRs, and automated ROPA reporting ensuring ultimate protection against ransomware and accidental exposures while meeting data privacy obligations efficiently. LightBeam is on a mission to create a secure privacy-first world helping customers automate compliance against a patchwork of existing and emerging regulations.

PreviousGmail NextMS Teams

Last updated 1 year ago