Information protection is of the utmost importance to our customers and we’re actively exploring a number of solutions within this theme, such as:
- Attribute-based access controls for channels
- Information classification labels and banners
- Ephemeral messaging and end-to-end encrypted messages
- Automated information protection based on security standards
- Blocking, filtering, and alerting restricted materials
In this post, the focus is on blocking, filtering, and alerting restricted materials, but if any of the other topics above are of interest to you, please reach out to us.
Blocking, filtering, and alerting restricted materials.
Filtering restricted materials is really about data loss prevention. Data loss is most often caused by human error or inadequate controls, so there are many security standards our customers need to comply with in order to combat this problem: ISO27001, the US government classification system, or FINRA, to name a few. Consequences are severe if standards aren’t followed or if data spills occur. So we’re exploring ways to prevent human error in Mattermost that could lead to data loss.
Scanning and blocking attachments
First, we’re exploring the concept of proactively preventing information from being shared with audiences that don’t have the right security clearance.
For example, in government and defence organizations, documents carry markings that identify their classification level, so we could scan for those markings and prevent the documents from being shared if they don’t meet the correct criteria. We previously shared the ability to add classification labels to channels, and if we combine that with RMIF’s attachment scanning and filtering capabilities, we can prevent attachments with higher classification levels from being shared in lower classification channels.
Scanning and blocking text content in messages
We can perform similar actions with the text content of messages. We could create rules to search for patterns in text before it’s sent and identify when there are rule violations. This could prevent sensitive information like API keys, passwords, or Personally Identifiable Information (PII) from being shared in the wrong place.
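The two pre-send checks described above (classification markings compared against a channel's label, and pattern rules over text), as an added example that is not Mattermost or RMIF code. The level ordering, rule names, patterns, function names and sample inputs are all constructed assumptions.

```python
import re
from dataclasses import dataclass, field

# Assumed ordering, lowest to highest; a real deployment supplies its own scheme.
LEVELS = ["UNCLASSIFIED", "CONFIDENTIAL", "SECRET", "TOP SECRET"]
# Longest marking first so "TOP SECRET" is not read as plain "SECRET".
MARKING = re.compile(r"\b(TOP SECRET|SECRET|CONFIDENTIAL|UNCLASSIFIED)\b")

# Constructed content rules (assumptions): rule name -> pattern.
RULES = {
    "aws_access_key_id": re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b"),
    "private_key_block": re.compile(r"-----BEGIN (?:[A-Z]+ )?PRIVATE KEY-----"),
    "password_assignment": re.compile(r"\bpass(?:word|wd)?\s*[:=]\s*\S+", re.I),
    "us_ssn": re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),
}

@dataclass
class Verdict:
    allowed: bool
    reasons: list = field(default_factory=list)

def highest_marking(text):
    """Return the index in LEVELS of the highest marking found, or None."""
    found = [LEVELS.index(m.group(1)) for m in MARKING.finditer(text)]
    return max(found) if found else None

def check_before_send(channel_level, message, attachment_text=""):
    """Decide whether a post may go to a channel labelled channel_level."""
    ceiling = LEVELS.index(channel_level)
    reasons = []
    for source, text in (("message", message), ("attachment", attachment_text)):
        level = highest_marking(text)
        if level is not None and level > ceiling:
            reasons.append(f"{source}: marked {LEVELS[level]}, channel is {channel_level}")
        # Report the rule name only, so the alert does not repeat the secret.
        reasons += [f"{source}: matched rule {name}"
                    for name, rx in RULES.items() if rx.search(text)]
    return Verdict(allowed=not reasons, reasons=reasons)

if __name__ == "__main__":
    # Constructed samples: extracted attachment text and two message bodies.
    print(check_before_send("CONFIDENTIAL", "report attached", "SECRET//NOFORN\nbody"))
    print(check_before_send("SECRET", "key is AKIAIOSFODNN7EXAMPLE"))
    print(check_before_send("UNCLASSIFIED", "lunch at noon?"))
```

Text with no marking passes the classification check here; a stricter policy could instead hold unmarked attachments for review.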
Flagging messages
We’re also exploring a solution that enables all users in the workspace to flag messages that might be identified as potentially damaging or sensitive. Everyone plays a part in keeping information safe and secure, so providing these tools for the whole workspace could be an important piece of the overall information protection picture.
From the message actions menu, users would be able to choose the ‘request removal’ button and place the message in review. We’re imagining this could be used to flag potential data spillage, misinformation, and inappropriate or offensive content.
Reviewing flagged messages
Content moderators can be defined in the settings for this tool and any time a message is flagged for review, moderators would be notified.
Then they would have the opportunity to review the details of the message including the channel it was posted in, how long it was visible and who may have seen it.
Then they can take action to remove it, or they could even start a playbook for more robust incident handling.
Share your feedback with us
That’s an early glimpse at some ideas we’re working on to help combat data loss. We’d love to hear your thoughts on these proposed solutions. Contact our Fast Futures team at fastfutures@mattermost.com or share feedback here in the forum.