US 11,720,706 B2
Inline data loss prevention for a group-based communication system
Max Baez, San Francisco, CA (US); Calvin Cheng, San Jose, CA (US); Stephen Hamrick, Redwood City, CA (US); Ratnadeep Bhattacharjee, Palo Alto, CA (US); and Caroline Shen, San Francisco, CA (US)
Assigned to Slack Technologies, LLC, San Francisco, CA (US)
Filed by Slack Technologies, Inc., San Francisco, CA (US)
Filed on Feb. 19, 2021, as Appl. No. 17/180,095.
Prior Publication US 2022/0269812 A1, Aug. 25, 2022
Int. Cl. H04L 29/06 (2006.01); G06F 21/62 (2013.01); G06F 21/50 (2013.01); H04L 51/212 (2022.01)
CPC G06F 21/6245 (2013.01) [G06F 21/50 (2013.01); H04L 51/212 (2022.05); G06F 2221/032 (2013.01)] 20 Claims
OG exemplary drawing
 
1. One or more non-transitory computer-readable media that stores computer-executable instructions that, when executed by at least one processor, perform a method of data loss prevention within a group-based communication system, the method comprising:
receiving a first user input in a group-based communication channel from a user of a first organization,
wherein the group-based communication channel includes a first plurality of users from the first organization and a second plurality of users from a second organization;
prior to displaying the first user input in the group-based communication channel, applying, using a data loss prevention engine that is communicatively coupled to a server of the group-based communication system, an organization-specific outgoing data loss prevention policy of the first organization to the first user input based on a first organization identifier associated with the first user input;
in response to determining that the first user input is permitted by the organization-specific outgoing data loss prevention policy of the first organization, displaying the first user input to the first plurality of users from the first organization in the group-based communication channel only if the first user input is permitted by the organization-specific outgoing data loss prevention policy of the first organization;
prior to displaying the first user input to the second plurality of users from the second organization, applying, using the data loss prevention engine, an organization-specific incoming data loss prevention policy of the second organization to the first user input based on a second organization identifier associated with the group-based communication channel; and
responsive to determining that the first user input is permitted by the organization-specific incoming data loss prevention policy of the second organization, displaying the first user input to the second plurality of users from the second organization in the group-based communication channel only if the first user input is permitted by the organization-specific incoming data loss prevention policy of the second organization without affecting display of the first user input to the first plurality of users from the first organization.