Kolide's Slack app enables end-users to identify and self-resolve important issues on their device. Our Slack app has always been a major part of our Honest Security strategy, so it is important we break down as many barriers as possible to enable every single one of our customers to use it. To that end, we rolled out access control settings for notifications.
During a trial: only the trialing person will receive notifications as no other team member has yet been onboarded to the system-- this happens later. This setup allows you to test the self-remediation workflow with just a handful of users before choosing to roll Kolide out widely. Once you've decided to move forward with Kolide, you'll want to evaluate your notification settings.
Administrators control precisely who can and cannot interact with the Slack app through a settings page:
Notice the section labeled, "Who Can Communicate With the Kolide Slack App." If you choose the option "Only users who have who have been explicitly Onboarded," then anyone who hasn't been explicitly invited to use the app in the onboarding manager will not receive any messages from the Slack app. If these same users try to initiate an interaction with the Slack app, they will be greeted with a message that looks like this...
This setting turns off all possible Slack notifications, even notifications that an administrator may directly initiate. So, for example, if you decide to restrict the Slack app to just onboarded users and then try to ping them manually, you will instead see a gentle reminder to onboard them first. This is true even for sensitive device notifications.
If there are members of your Slack team that you would like to exclude from Kolide, you can select their name in the Onboarding page and click "Archive". This will remove them from the onboarding list, and they will not be prompted to install the agent if/when you enable Automatic Onboarding.
As always, we welcome your questions, comments, and feedback.