Today in How to Automate, we are starting a series of Flows to learn how Mindflow can further help in Compliance automation.

Several compliance automation platforms have been created in recent years. They deliver incredible help and make compliance with information security standards frameworks, such as SOC 2 and ISO27001, easier than ever.

Organizations that yesterday had to review controls manually can now automate quite a number of them through platforms like Drata and Vanta, among others. This not only saves a massive amount of time to conform to such frameworks but also dramatically facilitates the continuous task of maintaining such compliance.

What benefits can an automation platform bring to this incredible progress brought by compliance automation platforms? There are some tasks the Officer still has to perform manually. These revolve around reports, reviews, background checks, and notifications. For instance, depending on the service you use to perform your background checks, they may not be integrated yet with the compliance automation platform. Moreover, if you perform background checks on your own, you would have to upload the evidence to the compliance automation platform manually.

If you only have 1 or 2 arrivals per month, it doesn't get time devouring. However, facing a high recruitment pace in a scale-up or in a large company, this process will likely take more and more time, such as manually uploading any other evidence (third-party vendors' reports and reviews, for instance).

This is where automation platforms, such as Mindflow, can bring further benefits to compliance automation platforms, working hand in hand to save even more time for Officers in charge of performing these tasks.

As said above, today, we will focus on how you can speed up the uploads of background check evidence. To do so, we will create automation, starting from Slack and going to the successful upload of the evidence on Drata. We will thus orchestrate Drata and Slack.

Compliance automation: Uploading background checks evidence on Drata

This Flow is quite easy and quick to put in place. Before starting, let's see what we need!

Mindflow

Obviously, create the Flow! Choose a name that rocks, such as "Automatically upload background check evidence of an employee on Drata"! Then, choose your emoji! I chose a boar this time.

Drata

1. Your Drata API is set with the correct scopes. To do so, go to https://app.drata.com/account-settings/api-keys and click Create an API Key. Fill in a Name, an expiration date, and an allowed IP address for additional security. Once done, select Custom under Access and tick the following fields: User compliance, User Documents by type, Personnel List, Personnel Details, and Personnel Background Check. Click Save.

2. Drata API credentials are stored in Mindflow's Vault.

Slack

1. A Slackbot with the scope "chat:write", a command such as /backgroundcheck that you can create here https://api.slack.com/apps/YOUR WORKSPACE ID/slash-commands?

2. The webhook URL to register is the second link from the bottom, located in the gear icon next to your Flow name.

3. Slack API credentials are stored in Mindflow's Vault.

Okay, you are set to begin the Flow building process! Here is a sneak peek at the final Flow.

Designing the Flow

The first thing you must do is trigger the Flow once from Slack to generate a log we can work on to design the Flow. Type the /backgroundcheck command. Once the Flow has been executed, let's get our hands on it.

Slack steps: Gather the necessary data to send to Drata

Create a Slack action by looking into the Slack library and selecting chat_postMessage. Configure the fields as such:

1. Channel: type "/" to open the Data Picker tool. Select the step Slackbot 1.0 under TRIGGERS. Inside QUERY PARAMETERS, Pick the field channel_id.

2. Click the little processor icon. It shows all the fields available for that action. Look for the field "Blocks". Click the three dots icon on the left and turn the field into a JSON query space. Once done, I need you to paste the following JSON:

[
		{
			"type": "divider"
		},
		{
			"type": "section",
			"text": {
				"type": "mrkdwn",
				"text": "Please fill in the employee's First and Last names. Once done, click Enter"
			}
		},
		{
			"dispatch_action": true,
			"type": "input",
            "block_id": "",
			"element": {
				"type": "plain_text_input",
				"action_id": "plain_text_input-action"
			},
			"label": {
				"type": "plain_text",
				"text": "First and Last name",
				"emoji": true
			}
		}
	]

Now, find the line "block_id": "". Between the quotation marks, type "/" and select Resume execution ID inside FLOW. This will create an asynchronous step. The Flow will be on hold until the user has answered the message on Slack.

Ensure the credentials are filled in, and run the Flow once from Slack to generate logs.

This first Slack action will ask the user to fill in the employee's First and Last names.

After this step, create another Slack action. This time, find the chat_delete. You have two fields to fill: Ts (timestamp), and Channel. For the first one, type "/", select the Slack step, and select the execution under the resume execution.

In the body, find the field ts and Pick it. As for the Channel, "/" then select the Trigger and, inside QUERY PARAMETERS, select the field channel_id.

This Slack step will automatically delete the message once the user has filled it.

We now want to create another chat_postMessage action. Repeat the process depicted above until you have to fill in the Blocks. Here paste this:

[
		{
			"type": "divider"
		},
		{
			"type": "section",
			"text": {
				"type": "mrkdwn",
				"text": "Please submit the URL redirecting to the Background check. Once done, click Enter"
			}
		},
		{
			"dispatch_action": true,
			"type": "input",
            "block_id": "",
			"element": {
				"type": "plain_text_input",
				"action_id": "plain_text_input-action"
			},
			"label": {
				"type": "plain_text",
				"text": "URL",
				"emoji": true
			}
		}
	]

Repeat the same process as written above to create the resume | Execution ID pill. Once done, run the flow again from Slack.

This Slack step will ask the user to register the URL of the Background check.

As you did after the first Slack step, create another chat_delete to automatically delete the last Slackbot message once the user has filled it out.

Uploading the evidence to Drata

Let's see how we will use this data to create and configure Drata actions. Start by creating a first Drata action by querying either "Find personnel by search and filters" or "PersonnelPublicController_listPersonnel". This step will help us get the employee id. Once created, find the field Q. It is used to fine-tune our research. Type "/" and find the Slack step "Ask for the employee's First and Last names". Select the resume execution. In QUERY PARAMETERS/payload/actions/0, find and pick the field value.

Run the Flow once from Slack and create another Drata action by looking for "Upload a background check evidence to a user" or "BackgroundcheckPublicController_updateBackgroundCheck".

1. URL: "/", select the Slack step that is "Submit the Background Check URL". Find and pick the field value inside QUERYPARAMETERS/payload/actions/0.

2. Filed at: "/", select the first Drata step and pick the field date in HEADERS.

3. User id: "/", select the Drata step, and pick the field id inside BODY/data/0.

The step is configured.

Notifying the user that the upload is complete

Finally, create an ephemeral post (shown only to a user) to notify the user that the upload is complete. To do so, create a Slack action by querying "chat_postEphemeral" or "Sends an ephemeral message to a user in a channel".

1. User: Get the field user_id inside the QUERY PARAMETERS in the Slackbot TRIGGER.

2. Channel: Same. Get the field channel_id.

3. Text: Type the text you feel like.

   
   

The Flow is complete!