Skyhigh CASB for Slack provides compliance and security governance through Data Loss Prevention (DLP) policies for data stored in Slack.
There are two ways to integrate Skyhigh CASB and Slack:
- API. Using the API integration allows you to use near real-time DLP, collaboration control (including quarantining files). Skyhigh CASB for Slack supports real-time scanning of active files within a Slack implementation through the Slack API, and nearly all aspects of Threat Protection and activity monitoring.
- Reverse Proxy. Best for those who want to have an inline real-time control over the data (Files/Chat messages/Snippets) being transferred to Slack and Contextual Access Control. The Skyhigh CASB Reverse Proxy solution doesn't require any endpoint control and integrates via SSO. The use case currently supported is to redirect all managed devices and block unmanaged devices. In general, native apps won't work and mobile browsers are supported. It needs to be validated based on the latest changes in native apps whether traffic comes to proxy and it can be supported through request headers attributes coming via SAML/MDM (Mobile Device Management solutions like Ivanti Neurons, Microsoft Intune, VMware) or via agents like Skyhigh Security Mobile Control Security (MMCS) or via User Agents
Slack Huddles Support
Skyhigh CASB for Slack provides a way for organizations to extend existing data loss prevention (DLP) policies to Slack huddles, which are used to set up quick meetings with internal or external users of a channel.
Slack huddles provides the following use cases:
- Pure Content. Identifies the sensitive content of the messages or files shared by any user in the huddle and takes Quarantine/Delete as remediation actions.
- Pure collaborations. If a user joins a huddle, Skyhigh CASB does not receive any event, so the pure collaboration policies cannot be applied.
- Content-aware-collaboration. The collaboration policies are evaluated based on all channel members rather than the members who are present in the huddle. Although messages/files are shared in the huddle, Skyhigh CASB receives only channel information in the events and the received event does not contain any information about members who are present in the huddle.
Slack Canvas Support
Skyhigh CASB for Slack provides a way for organizations to extend existing data loss prevention (DLP) policies to Slack canvases, which are used to set up meeting notes, project briefs, checklists, company newsletters, and more with internal or external users via channels, direct messages (DMs), Huddle and more within Slack.
Skyhigh CASB API Integration for Slack Canvas supports the following use cases:
Supported Content-based Use Cases for Slack Canvas
|Content-based Use Cases||Supported||DLP Protection||DLP Policy Response Actions|
|Messages||Yes||Messages sent in Canvas comments||
Files uploaded to Canvas and in Canvas comments
|Text added to the Canvas||No||API Limitation||N/A|
|Canvas embedded into a Canvas||No||API Limitation||N/A|
Supported Content-aware Collaboration Use Cases for Slack Canvas
|Content-aware Collaboration Use Cases||Supported||DLP Protection||DLP Policy Response Actions|
|Canvas shared via Slack Channels (Public/Private/Shared)||Yes||Files uploaded to Canvas||
|Canvas shared via Direct Messages (DMs)||Yes||Files uploaded to Canvas||
|Canvas shared via Multi-Party DMs (MPDM)||Yes||Files uploaded to Canvas||
|Canvas shared via Slack Connect connections||Yes||Files uploaded to Canvas||
|Canvas shared via Huddles||Partially||Files uploaded to newly created Canvas||
|Canvas shared via Copy Links||No||API Limitation||