Today in How to Automate, we are starting a series of Flows to learn how Mindflow can further help in Compliance automation.
In recent years, quite a number of compliance automation platforms have been created. They deliver incredible help and make compliance with information security standards frameworks, such as SOC 2 and ISO27001, easier than ever.
Organizations that yesterday had to review controls manually can now automate quite a number of them through platforms like Drata and Vanta, among others. It saves a massive amount of time to put the organization in conformity with such frameworks but also dramatically facilitates the continuous task of maintaining such compliance.
What benefits can an automation platform bring to this already incredible progress brought by compliance automation platforms? There are some tasks the Officer still has to perform manually. It especially revolves around reports, reviews, background checks, and notifications. For instance, depending on the service you use to perform your background checks, they may not be integrated yet with the compliance automation platform. Moreover, in the case you would be performing background checks on your own, you would have to upload the evidence to the compliance automation platform manually.
If you only have 1 or 2 arrivals per month, it doesn’t get time devouring. However, facing a high recruitment pace in a scale-up or in a large company, this process will likely take more and more time to be done, such as manually uploading any other evidence (third-party vendors’ reports and reviews, for instance).
This is where automation platforms, such as Mindflow, can bring further benefits to compliance automation platforms, working hand in hand to save even more time for Officers in charge of performing these tasks.
As said above, today we will focus on how you can fasten the uploads of background check evidence. To do so, we will create automation starting from Slack all the way to the successful upload of the evidence on Drata. We will thus orchestrate Drata and Slack.
Compliance automation: Uploading background checks evidence on Drata
This Flow is quite easy and quick to put in place. Before starting, let’s see what we need!
Starters
- Mindflow
Obviously, create the Flow! Choose a name that rocks, such as “Automatically upload background check evidence of an employee on Drata”! Then, choose your emoji! I chose a boar this time.
- Drata
- Your Drata API, that is set with the correct scopes. To do so, go to https://app.drata.com/account-settings/api-keys and click Create an API Key. Fill in a Name, an expiration date, and an allowed IP address for additional security. Once done, select Custom under Access and tick the following fields: User compliance, User Documents by type, Personnel List, Personnel Details, and Personnel Background Check. Click Save.
- Drata API credentials are stored in Mindflow’s Vault.
- Slack
- A Slackbot with the scope “chat:write”, a command such as /backgroundcheck that you can create here https://api.slack.com/apps/YOUR WORKSPACE ID/slash-commands?
- The webhook URL to register. You can find it in the gear icon next to your Flow name. It is the second link starting from the bottom.
- Slack API credentials are stored in Mindflow’s Vault.
Okay, you are set to begin the Flow building process! Here is a sneak peek at the final Flow.
Designing the compliance automation Flow.
The first thing you must do is trigger the Flow once from Slack to generate a log we can work on to design the Flow. Type the /backgroundcheck command. Once the Flow has been executed, let’s get our hands on it.
Slack steps: Gather the necessary data to send to Drata.
Create a Slack action by looking into the Slack library and selecting chat_postMessage. Configure the fields as such:
- Channel: type “/” to open the Data Picker tool. Select the step Slackbot 1.0 under TRIGGERS. Inside QUERY PARAMETERS, Pick the fieldÂ
channel_id. - Click the little processor icon. It shows all the fields available for that action. Look for the field “Blocks”. Click the three dots icon on the left and turn the field into a JSON query space. Once done, I need you to paste the following JSON:
[
{
"type": "divider"
},
{
"type": "section",
"text": {
"type": "mrkdwn",
"text": "Please fill in the employee's First and Last names. Once done, click Enter"
}
},
{
"dispatch_action": true,
"type": "input",
"block_id": "",
"element": {
"type": "plain_text_input",
"action_id": "plain_text_input-action"
},
"label": {
"type": "plain_text",
"text": "First and Last name",
"emoji": true
}
}
]Now, find the line “block_id”: “”. Between the quotation marks, type “/” and select Resume execution ID inside FLOW. This will create an asynchronous step. The Flow will be on hold until the user has answered the message on Slack.
Ensure the credentials are filled in, and run the Flow once from Slack to generate logs.
This first Slack action will ask the user to fill in the employee’s First and Last names.
After this step, create another Slack action. This time, find the chat_delete. You have two fields to fill: Ts (timestamp), and Channel. For the first one, type “/”, select the Slack step, and select the execution under the resume execution.
In the body, find the field ts and Pick it. As for the Channel, “/” then select the Trigger and, inside QUERY PARAMETERS, select the field channel_id.
This Slack step will automatically delete the message once the user has filled it.
We now want to create another chat_postMessage action. Repeat the process depicted above until you have to fill in the Blocks. Here paste this:
[
{
"type": "divider"
},
{
"type": "section",
"text": {
"type": "mrkdwn",
"text": "Please submit the URL redirecting to the Background check. Once done, click Enter"
}
},
{
"dispatch_action": true,
"type": "input",
"block_id": "",
"element": {
"type": "plain_text_input",
"action_id": "plain_text_input-action"
},
"label": {
"type": "plain_text",
"text": "URL",
"emoji": true
}
}
]Repeat the same process as written above to create the resume | Execution ID pill. Once done, run the flow again from Slack.
This Slack step will ask the user to register the URL of the Background check.
As you have done after the first Slack step, create another chat_delete to automatically delete the last Slackbot message once the user has filled it.
Uploading the evidence to Drata.
Let’s see how we will use this data to create and configure Drata actions. Start by creating a first Drata action by querying either “Find personnel by search and filters” or “PersonnelPublicController_listPersonnel”. This step will help us get the employee id. Once created, find the field Q. It is the field used to fine-tune our research. Type “/” and find the Slack step “Ask for the employee’s First and Last names”. Select the resume execution. In QUERY PARAMETERS/payload/actions/0, find and pick the field value.
Run the Flow once from Slack and create another Drata action by looking for “Upload a background check evidence to a user” or “BackgroundcheckPublicController_updateBackgroundCheck”.
- URL: “/”, select the Slack step that is “Submit the Background Check URL”. Find and pick the fieldÂ
value inside QUERYPARAMETERS/payload/actions/0. - Filed at: “/”, select the first Drata step and pick the fieldÂ
date in HEADERS. - User id: “/”, select the Drata step, and pick the fieldÂ
id inside BODY/data/0.
The step is configured.
Notifying the user that the upload is complete
Finally, create an ephemeral post (shown only to a user) to notify the user that the upload is complete. To do so, create a Slack action by querying “chat_postEphemeral” or “Sends an ephemeral message to a user in a channel”.
- User: Get the field
user_idinside the QUERY PARAMETERS in the Slackbot TRIGGER. - Channel: Same. Get the field
channel_id. - Text: Type the text you feel like.
The Flow is complete!
