Slack Debuts New Enterprise Security ControlsSlack Debuts New Enterprise Security Controls
Enhancements aim to provide the ability to deploy Slack at enterprise scale in “safe, secure, and centralized way.”
August 5, 2019
Looking to quell concerns -- warranted or not -- that its team collaboration application isn’t secure enough for enterprise use, Slack has taken the wraps off a suite of features that provide more control over how data is accessed and shared within Enterprise Grid, its platform for enterprise deployment.
As delineated in a company blog post, the enhancements will allow Slack mobile app users to work from anywhere while maintaining compliance with corporate policy and industry regulations. In addition, they’ll provide administrators with greater control, enabling them to limit Slack access, by person and device, and its use, as well as to select which features to use and determine how to customize them for implementation.
The greater control will become available through a variety of new capabilities, some of which will be available immediately and others between now and early next year, Slack wrote.
Here’s a breakdown of what’s coming, and when.
User & Device Control
Secondary authentication controls -- As of today, admins are able to configure Slack to require single sign-on, as is the case today, plus an added layer of security using facial recognition, touch, or generated passcodes. In addition, they can force re-authentication after a set time period, Slack wrote.
Session management tools -- Also available immediately, these provide admins a remote wipe capability to use in cases of lost or stolen devices. The admins will be able to remove mobile and desktop sessions associated with a user whose device has gone missing, Slack wrote. These session management capabilities are available today via API; later this year, these session management controls – and others – will be available via the admin dashboard.
Jailbroken device detection -- at an unspecified time later this year, admins will be able to detect if a device is jailbroken and, if so, block access to it. “This helps ensure employees are always accessing Slack from secure devices that meet company requirements,” Slack noted.
Forced app upgrades -- Admins will be able to enforce app upgrades, thus gaining assurance that employees are running the newest features and latest profiles on their devices. This capability is coming later this year.
Usage Control
Domain whitelisting tools -- To prevent employees from signing into unapproved workspaces, admins can now define which ones are accessible from within a corporate network. The purpose is twofold, Slack wrote: to prevent the sharing of sensitive information in non-managed workspaces, and to help teams stay focused on their tasks at hand.
File download and message copy restrictions -- With these restrictions, now available, admins can restrict file downloads or copying of messages onto mobile devices that aren’t managed by an enterprise mobile management provider. Along this same line, early next year admins will be able to block file downloads from desktop computers accessing Slack from non-approved IP addresses, Slack added.
Mobile browser control -- When this feature becomes available later this year, admins will have the ability to require links shared in Slack to open in browsers managed within a mobile application management container.
These enhancements signal the company’s commitment to making sure its team collaboration app is usable in a safe and secure way and to allow admins greater control, Slack wrote.
