Kolide's Slack app enables end-users to identify and self-resolve important issues on their device. Our Slack app has always been a major part of our Honest Security strategy, so it is important we break down as many barriers as possible to enable every single one of our customers to use it.
To that end, we rolled out access control settings for the Slack app. These settings are perfect for organizations that have widely rolled out the Kolide agent but haven't taken the plunge with the Slack app. Many may want to test the self-remediation workflow with just a handful of users before rolling it out widely.
To support this use case, we just launched a settings page available to administrators that will control precisely who can and cannot interact with the Slack app.
Notice the section labeled, "Who Can Communicate With the Kolide Slack App." If you choose the option "Only users who have who have been explicitly Onboarded," then anyone who hasn't been explicitly invited to use the app in the onboarding manager will not receive any messages from the Slack app. If these same users try to initiate an interaction with the Slack app, they will be greeted with a message that looks like this...
This setting turns off all possible Slack notifications, even notifications that an administrator may directly initiate. So, for example, if you decide to restrict the Slack app to just onboarded users and then try to ping them manually, you will instead see a gentle reminder to onboard them first. This is true even for sensitive device notifications.
If there are members of your Slack team that you would like to exclude from Kolide, you can select their name in the Onboarding page and click "Archive". This will remove them from the onboarding list, and they will not be prompted to install the agent if/when you enable Automatic Onboarding.
We still recommend the original behavior, but we hope this additional setting can help many organizations test out the Slack application in a controlled manner before committing to a company-wide roll-out.
As always, we welcome your questions, comments, and feedback.