A Deep Dive into Spin.AI’s New Risk Assessment for Slack

Any user in your organization can connect an application to Slack – but without a streamlined, automated process in place to inventory, assess, and manage these applications, you run the risk of potentially devastating data leak and loss issues. 

Our highly anticipated new addition of Risk Assessment for Slack gives administrators complete visibility and control over all third-party applications connected to their Slack workspaces. 

If you’re a SpinOne customer, you can start using this today! Let’s take a closer look at what this means for you and your organization.

Isn’t Slack already secure? 

Slack has internal security measures in place to protect critical user data (including information sent or received) with encryption, multi factor authentication (MFA), and access controls. Unfortunately, protecting your SaaS environment is a responsibility that ultimately falls on the customer. That’s why SpinOne offers an integrated solution on top of Slack to protect Slack data and ensure business continuity.

Why do I need app risk assessment? 

A perceived 40-50 connected apps on the surface can, in reality, be thousands of unsanctioned apps and browser extensions with dangerous access levels. Your SecOps teams can’t control what they can’t see – and a lack of visibility leaves your Slack data vulnerable to potentially devastating security, compliance, and data loss risks.

Traditional application risk assessment requires heavy lifting and time commitment from your SecOps teams – draining precious time better spent on higher value tasks. 

On average, manual risk assessment can take up to 2 weeks – with SpinOne’s Risk Assessment for Slack, it now takes only minutes per application. Saving you time (and your SecOps team will thank you!)

Complete visibility and inventory

SpinOne automatically detects and inventories all third-party applications connected to Slack. This feature allows multiple workspaces to be combined, creating an easy-to-view aggregated list on one platform.

Get useful insights at your fingertips, including:

1. Name – application name as stated by the developer
2. Category – category of application
3. Risk Score & Status – SpinOne’s assessment score out of a 100 (Indicating active and inactive applications)
4. Type – identifies the type of Slack application, and whether it is from the Slack app directory
5. Workspaces – the number of workspaces the application is installed in
6. Access last granted – last time the application had access to the workspace
   
   

Granular risk assessment

Each application receives a risk assessment score from 1 – 100. Here’s what they mean:

• High risk: 1- 35
• Medium risk: 36 – 65
• Low risk: 66 – 100

To understand why an application has received a specific score, you can click on the app to open up the full assessment profile.

You’ll see a quick overview of the application, with links to the developer’s homepage and marketplace listing – and 4 sections: 

• Scope of permissions – list of all permissions requested by the application
• Business Operation Risk – possible operational risk from using the application
• Security Risk – the potential an application has to become the source of a sensitive data breach or cyberattack
• Compliance Risk – application’s compliance with common data protection regulations
  

Simply open each section to see all factors taken into consideration for our assessment of each application.

You can also click on the Workspaces tab of each application to see which Slack Workspaces it is connected to.

Immediate insights for agile decisions

Make better, faster decisions for your SaaS security with our generated reports. Put your insights into action, decide if applications need to be blocklisted or allowlisted, and easily share this information with your team.

Complete protection on one, unified platform

You need a streamlined, simple way to assess what’s connected to your Slack workspaces to protect your Slack data. Risk Assessment for Slack gives your SecOps team the power of automation – replacing manual, time-wasting tasks with complete protection on one platform. 

Read more about SpinOne for Slack, visit our Knowledge Center, or reach out to us on live chat.