Skip to main content

Compliance Archiving for Slack

Hiro
Updated

Overview

Nuclei provides Slack customers with the ability to automatically export and archive all communications occurring within Slack, including:  

  • Public Channels for each Workspace
  • Private Channels for each Workspace
  • Multi-Person Direct Messages (MPDMs) for the Organization
  • Direct Messages for the Organization
  • Slack Connect Messages for the Organization
  • Org wide channels (public and private)
  • Shared Channels
  • Edited / deleted messages 
  • Audio and Video Clips (including transcript) 
  • Files

As a first step, the "Nuclei for Slack" archiving app must be authorized for the top-level Enterprise organization. Once complete, Nuclei will automatically import Slack content and related activity. Content can be retained with Nuclei, or exported for review and retention in your existing compliance archive. 

 

Prerequisites

  • Slack Enterprise Grid
  • Slack Discovery API (requires opt-in at exports@slack.com
  • Opt-in to Slack organizational data retention policies
  • Authorization of the Nuclei archiving app at the top-level Enterprise organization

 

Scope

Conversations

Slack conversations (including org-shared and externally-shared i.e. Slack Connect conversations) from the entire Enterprise Grid org are supported for archiving. Selective grid-wide archiving can also be implemented for users that are members of a specific workspace / team. 

The following types of metadata are supported for each conversation:

  • Channel ID
  • Channel Name
  • Message ID
  • Team ID
  • Text
  • Timestamp
  • Type

The following additional types of metadata are also supported the message sender:

  • User ID
  • User Name
  • User Real Name

Be aware that deleted chat messages will still be captured using this integration. Chat message edits can also be captured.

 

Files

Files uploaded to Slack are supported for archiving. The following types of metadata are supported for each file:

  • File ID
  • Created Date
  • Shares
  • Name
  • Title
  • Mime Type
  • File Type
  • Pretty Type
  • User
  • Size

 

 

Getting Setup

Slack

To enable archiving you must first pre-configure your Slack environment: 

  • Ensure your organization is running on the Slack Enterprise Grid
  • Ensure your organization has opted-in to use of the Slack Discovery API (requires opt-in at exports@slack.com
  • Ensure your organization has opted-in to Slack's data retention policies

Nuclei

To enable archiving of Slack content:

  1. Login to https://app.nuclei.ai 
  2. Select "Configuration" > "Sources"
  3. Select "New"
  4. Select "Source Type", then select "Slack"
  5. Add a "Description" to the feed
  6. Enter your "Slack Enterprise Grid ID"
  7. Enter the Slack group IDs for any regulated teams (optional, selective capture only) 
  8. Select "Create Source"
  9. Select "Create Authorization", and complete the OAuth approval workflow.

Uninstallation 

To disable archiving:

  1. Disable "Capture Enabled" in the Nuclei source configuration. 

 

 

Configuration 

Selective Archiving (Membership based)

Selective grid-wide archiving can also be implemented for users that are members of a specific workspace / team:

  1. From your Slack desktop, click your workspace name on the top left. 
  2. Select "Settings & administration", then select "Organization settings"
  3. Select "Workspaces" from the left sidebar
  4. Click "Create Workspace" in the top right 
    1. Name: Provide a workspace name for your regulated users 
    2. Domain: Provide a workspace domain for your regulated users 
    3. Description: Provide a workspace description for your regulated users 
  5. Select "Next"
  6. Set access for this workspace as "Hidden"
  7. Select "Create Workspace"
  8. Provide the name of the created workspace to Nuclei
  9. Add all regulated users to the workspace. 

Important to note is that this workspace is just used as a container within Slack to organize a group of regulated users. Those users will still use their primary workspace(s) in day to day collaboration with other Slack users, but Nuclei will use the Slack user's membership within the separate workspace to enable selective archiving for that user grid-wide (including in their primary workspace(s)).

 

Selective Archiving (Identity based)

Selective grid-wide archiving can also be implemented for organizations using the following platforms for enterprise identity management: 

  • Google Workspace 
  • Microsoft Azure Active Directory

To enable selective archiving the following configuration is required: 

Google Workspace 

  1. Create a group in your organization that contains all regulated users (guide
  2. Authorize Nuclei access to Google Workplace Directory API (guide)

Microsoft Azure Active Directory

  1. Create a group in your organization that contains all regulated users (guide
  2. Authorize Nuclei access to Azure Activity Directory (guide)

Afterwards, Nuclei will use a Slack user's membership in the respective Google Workspace or Azure AD group to enable selective archiving for that user grid-wide. 

 

Licensing

Licensing is required for any of the following types of users: 

  • Slack Users
  • Slack Guests

Licensing is not required for the following types of users: 

  • Slack Connect users

For more information on the differences between a Slack Guest (licensed by the hosting org) and a Slack Connect user (licensed by an external organization), please reference the following guide: 

https://slack.com/resources/slack-for-admins/guests-vs-channels-in-slack-connect

 

Additional Resources

Export Destinations

 

More Information

For more information on Compliance Archiving for Slack and for a demonstration of related capabilities, please contact Nuclei's sales team at hello@nuclei.ai

Related articles

Comments

0 comments

Article is closed for comments.