March 19, 2025

Many don’t know that “Slack” is in fact a backronym—it stands for “Searchable Log of all Communication and Knowledge”. And nowadays, it’s not just a searchable log: with Slack AI, Slack is now an intelligent log, leveraging the latest in generative AI to securely surface powerful, time-saving insights. We built Slack AI from the ground up to be secure and private, following principles that mirror our existing enterprise-grade compliance standards:

  • Customer data never leaves Slack.
  • We don’t train large language models (LLMs) on customer data.
  • Slack AI only operates on the data that the user can already see.
  • Slack AI integrates seamlessly with our existing enterprise-grade compliance and security offerings.

Now, with enterprise search, Slack is more than a log of all content and knowledge inside Slack—it also includes knowledge from your key applications. Users can now surface up-to-date, relevant content that’s permissioned to them directly in Slack’s search. We’re starting with Google Drive and GitHub, and you’ll see many more of your connected apps as the year goes on. With these new apps, Slack search and AI Answers are all the more powerful, pulling in context from across key tools to satisfy your queries.

We built enterprise search to uphold the same enterprise-grade security and privacy standards as Slack AI:

  • We never store data from external sources in our databases.
  • External data and permissions are up to date with the external system.
  • Users and admins must explicitly grant Slack access to external sources and may revoke that access at any time.
  • We uphold the principle of least privilege, only requesting the authorizations we need to satisfy search queries.

This blog post will explain how these principles guided the architecture of enterprise search.

How enterprise search upholds the Slack AI principles

First, a refresher: how does Slack AI uphold our security principles?

  • Slack uses AWS to host closed-source large language models (LLMs) in an escrow VPC. This structure ensures that the model provider never has access to Slack customer data and customer data never leaves Slack’s trust boundary—whether it’s Slack messages, enterprise search results, or anything in between.
  • We use Retrieval Augmented Generation (RAG) instead of training LLMs. Using RAG, we supply an LLM with only the content needed to complete the task. This content is permissioned to the user and only available to the LLM at runtime, meaning the LLM doesn’t retain any of your data, ever.
  • To provide a private, permissions-aware AI product, Slack uses the requesting user’s Access Control List (ACL) to ensure that the LLM only receives data the user can already access in Slack.
  • Finally, we re-use all our existing compliance infrastructure (such as Encryption Key Management and International Data Residency) when storing and processing LLM-generated content. And we don’t even store Search Answer summaries—we just show them to the requesting user and immediately discard them.

Enterprise search is built atop Slack AI and benefits from many of the innovations we developed for Slack AI. We use the same LLMs in the same escrow VPC; we use RAG to avoid training LLMs on user data; and we don’t store Search Answers in the database (whether or not they contain external content). However, enterprise search adds a new twist. We can now provide permissioned content from external sources to the LLM and in your search results.

How enterprise search upholds our security principles

We never store data from external sources

When developing enterprise search, we decided not to store external source data in our database. Instead, we opted for a federated, real-time approach. Building atop Slack’s app platform, we use public search APIs from our partners to return the most up-to-date, permissioned results for a given user. Note that the Slack client may cache data between reloads to performantly serve product features like filtering and previews.

Architecture of enterprise search

External data and permissions are up to date

When searching for external data, it’s essential that we only fetch data which the user can access in the external system (this mirrors our Slack AI principle #3, “Slack AI only operates on the data that the user can already see”) and that this data is up to date.

Using a real-time instead of an index-based approach helps us uphold this principle. Because we’re always fetching data from external sources in response to a user query, we never risk that data getting stale. There’s nothing stored on our side, so staleness simply isn’t possible.

But how do we scope down queries to just data that the querying user can access in the external system? The Slack platform already provides powerful primitives for connecting external systems to Slack, chief among them being OAuth. The OAuth protocol allows a user to securely authorize Slack to take agreed-upon actions on their behalf, like reading files the user can access in the external system. By leveraging OAuth, we ensure that enterprise search can never perform an action the user didn’t authorize the system to perform in the external system, and that the actions we perform are a subset of those the user could themselves perform.

Users must explicitly grant access to external sources

We believe that your external data should be yours to control. As such, Slack admins must opt in each external source for use in their organization’s search results and Search Answers. They can also revoke this access (for both search results and Search Answers) at any time.

Next, Slack users also explicitly grant access before we integrate any external sources in their search. Users may also revoke access to any source at any time. This level of control is possible due to the OAuth-based approach mentioned above.

Principle of Least Privilege

An important security principle is that a system should never request more privileges than it requires. For enterprise search, this means that when we connect to an external system, we only request the OAuth scopes which are necessary to satisfy search queries—specifically read scopes.

Not only do we adhere to the principle of least privilege, we show admins and end users the scopes we plan to request when they enable an external source for use in enterprise search. This means that admins and end users always know which authorizations Slack requires to integrate with an external source.
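The federated, consent-gated model from the sections above can be sketched in a few lines. This is an added example, not Slack's code: the class names, the `files:read` scope and the sample documents are all hypothetical and constructed for illustration. It shows admin opt-in, per-user grant, a read-only scope check, and how ACL changes in the external system take effect on the next query because nothing is indexed locally.

```python
class ExternalSource:
    """Constructed stand-in for a partner search API that enforces its own ACLs."""
    def __init__(self, docs):
        self.docs = docs        # {title: set of users allowed to read it}
        self.tokens = {}        # token -> (user, granted scopes)

    def issue_token(self, user, scopes):
        token = f"tok-{user}-{len(self.tokens)}"
        self.tokens[token] = (user, frozenset(scopes))
        return token

    def revoke(self, token):
        self.tokens.pop(token, None)

    def search(self, token, query):
        user, scopes = self.tokens.get(token, (None, frozenset()))
        if user is None or "files:read" not in scopes:
            raise PermissionError("token revoked or lacks read scope")
        return [t for t, acl in self.docs.items()
                if query.lower() in t.lower() and user in acl]


READ_SCOPES = {"files:read"}    # hypothetical scope name, not a real partner scope

class FederatedSearch:
    """Holds tokens only; never copies documents or ACLs from the source."""
    def __init__(self, source):
        self.source, self.admin_enabled, self.tokens = source, False, {}

    def connect_user(self, user, requested_scopes):
        if not self.admin_enabled:
            raise PermissionError("admin has not opted this source in")
        extra = set(requested_scopes) - READ_SCOPES
        if extra:                       # least privilege: read scopes only
            raise ValueError(f"refusing non-read scopes: {sorted(extra)}")
        self.tokens[user] = self.source.issue_token(user, requested_scopes)

    def disconnect_user(self, user):
        token = self.tokens.pop(user, None)
        if token:
            self.source.revoke(token)

    def search(self, user, query):
        # Every query is a live call made with the requesting user's own token.
        if not self.admin_enabled or user not in self.tokens:
            return []
        return self.source.search(self.tokens[user], query)
```

Because `FederatedSearch` keeps no copy of documents or ACLs, removing a user from a document's ACL in `ExternalSource` changes that user's very next result set without any sync step.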

Conclusion

At Salesforce, trust is our #1 value. We’re proud to have built an enterprise search experience that puts security and privacy front and center, building atop the robust security principles already instilled by Slack AI. We’re excited to see how our customers use this powerful new functionality, secure in the knowledge that their external data is always in good hands.