This blog post explains how leaders can create a culture of security in their company. Cybersecurity is more important than ever, and ensuring that everyone buys into protecting the company is paramount for protecting private data. This post has 4 steps people can take to build that culture.
Slack is the platform for work communications. This communications takes different forms from employee to employee, public vs private, app to person, on and on. The workflow options for Slack are almost endless. How you organize you Slack workspace should match how you organize work.
An article discussing the latest cybersecurity breaches affecting major tech companies. These hacks were carried out by the Lapsus$ organization and used social engineering techniques to bypass multifactor authentication.
A blog post explaining the various types of Slack Roles and the permissions associated with them. It is meant to help companies setting up their Slack workspaces maintain compliance. It should be read in conjunction with our other Slack articles.
Data is both a differentiating asset for companies and an existential liability. Slack, as the operating system for modern work, contains data not just from Slack but from all the various apps and services that connect to Slack. This amounts to a ton of data, some of which is sensitive.
The specific permission scopes for Slack App Directory apps are API calls. These API calls are behind the user friendly presentation that users see when they approve an app for install into their Slack Workspace. App owners should be able to explain the Slack permission scopes their app needs.
Slack is a workflow platform. To extend the value of the platform, Slack added the equivalent of an App Store. There is no right and wrong set of permissions for Slack apps. The most important thing is to ensure app permissions are reviewed before Slack App Directory apps are installed.
The Securities and Exchange Commission has proposed new legislation that would make cybersecurity incidents part of its mandatory reporting rules. Currently, companies must report relevant events that could impact their stock prices, and now cybersecurity might be a part of those reports.
When it comes to using Slack in a HIPAA compliant way, Slack App Directory apps can potentially access PHI depending on their permissions. Because of this, it’s imperative that you put policies in place to comply with HIPAA when you use Slack and Slack App Directory apps.
Where does work get done today? Whether remote, hybrid, or in person, work is done primarily in the SaaS apps. As we navigate these flows of work in SaaS apps, security and privacy is often not top of mind. How can we change that? How can we add a human security layer on top of our SaaS apps?