Slack Connect: What It Means for Security

Safety Team
Updated May 18, 2021
1 min read

Slack is a popular communication platform used by many companies around the world. Initially, it was a tool for people within an organization to communicate for anything work-related. However, the company’s vision is to one day replace email in our work-life, a goal that some may consider too ambitious or even worth a try.  

No matter which side you are on, Slack keeps expanding on the idea that they can create a space for all work communications without the hassle of scrolling through endless email threads or using personal platforms for work-related messaging. With this in mind, they launched Slack Connect last year. 

 

What is Slack Connect?

Slack Connect is basically the shared workspaces feature, but bigger and better. Before, when users only had shared workspaces, they were limited to using Slack for intercompany communications. Users could be added to shared workspaces, but there was a limit with what you could do since you had to leave one workspace to enter another. Now, you can communicate with other companies within your workspace.

 

What does this mean for users and companies?

With this new feature, you can communicate with vendors who use Slack without using email or having the employees use their personal communication channels to get work done. In theory, this should streamline communication for employees and help them move past the usual hold-ups, such as sending follow-up emails. 

From a client company perspective, it is a solution that will give the admin full control of the communications their employees make when representing the company. Compared to email, this space offers an extra layer of data security. The way that Slack Connect works is that the company owns all its data. Once one company decides to close one channel or take away access to information from an employee or vendor, they can do it much more easily than if the data was shared via email or other channels. 

Once you send something via email, it’s usually hard to get back, let alone if the information was shared in other channels outside of the organization. This security measure centralizes the data sent out and diminishes the probability of sharing sensitive information without controlling it. 

 

Slack’s data security measures

Slack’s work communications concept is quite innovative. Slowly but surely, it’s growing despite competing with giants in the industry,  such as Microsoft Teams. What this means for Slack is that they have to keep up with the sophisticated data security measures they have implemented. 

Slack has built secure protocols that have been unmatched by many other companies in the digital space. Unfortunately, security breaches have been the order of the day for quite some time. Slack helps prevent those by centralizing communication and having robust safety protocols for data collection. 

As for compliance certifications, Slack has no shortage. The company is also quite transparent about its security protocols and what to expect. A few of the ones they have are:

  • ISO/IEC 27001 Information Security Management System (ISMS)
  • ISO/IEC 27017 Security Controls for the Provision and Use of Cloud Services
  • ISO/IEC 27701 Privacy Information Management System (PIMS)
  • AICPA SOC 3 Service Organization Controls
  • FedRAMP Authorized
  • FINRA Compliant
  • HIPAA Compliant
  • FERPA Compliant

Issues with Slack Connect DMs

Like many other digital tools, Slack has had what seems like an unlikely misstep in the expansion of  Slack Connect. Usually beloved by many users, the company faced widespread criticism with its launch on Slack Connect DMs. 

This new feature allows people from different organizations to DM each other once a request to join their network has been sent and accepted. At first glance, it seems like a natural step for a company that wants to be the be-all and end-all of work communications. The problem lies in the fact that users could send Slack invites with a custom message harassing them, such as the one user Menotti Minutillo received. 

The invites for Slack Connect DMs come from a general Slack email address, making it hard for people to flag. Unfortunately,  Slack didn’t have a reporting button or any anti-harassment protocol in place when the feature first launched. But this was quickly met with criticism. 

When the criticism started, Slack first disabled the ability to customize the invite message. However, the company’s suggested solution was ultimately for clients to not use the feature altogether. The proposed fix was met with even more criticism from users, with many feeling it was inadequate. As of now, Slack has yet to roll out any update that doesn’t require their clients to moderate the invites themselves. 

 

Is Slack safe?

When it comes to data, Slack has a sophisticated system that keeps information secure. The company is very transparent on what it does, how it does it, and what you can expect. The website is full of important security information, and clients are encouraged to ask questions if they have them. 

 

However, when it comes to moderation policies, it’s apparent that Slack has ways to go. If they genuinely hope to replace email altogether, the company will need to focus on its anti-harassment policies as much as they do on its data safety.


Home Security Experts

Safety Team

The Safety Team is a group of experts that handle provider research, product reviews and recalls to make your home safety and security search as easy as 1-2-3.

Like what you've read?

Share it with your friends