Slack information barrier modified
Description
AlphaSOC detected modifications to a Slack information barrier. Information barriers prevent specific members from communicating via direct messages (DMs) and huddles with other members. Changes to these barriers could indicate attempts to bypass communication restrictions.
Impact
Modifications to information barriers can allow unauthorized communication between restricted groups, potentially leading to data exfiltration, compliance violations, or insider threats. This could compromise sensitive information and violate regulatory requirements that mandate separation between specific business units.
Severity
| Severity | Condition |
|---|---|
Low | Slack information barrier modified |
Investigation and Remediation
Review Slack audit logs to identify the source of barrier modifications and document affected groups or users. Verify if the changes comply with company policy and regulatory requirements. If unauthorized, restore the original barrier configurations and examine messages exchanged during the barrier downtime. Update access controls for barrier management and notify compliance teams of potential violations.