Slack adds encryption control for regulated customers

The popular workplace communications tool is ramping up its security for strictly-regulated sectors.
21 March 2019

Workplace communications platform Slack has announced the launch of Enterprise Key Management (EKM) for its business users, enabling customers to control their encryption keys.

The keys will be managed in the AWS KMS key management tool.

According to Geoff Belknap, Slack’s Chief Security Officer in an interview with TechCrunch, the tool has been aimed at customers in regulated industries who may require tighter control over security.  

“Slack EKM basically adds an extra layer of protection so that customers— especially those in regulated industries— can share conversations, data and files on Slack, all while still meeting their own risk mitigation requirements,” he said.

Belknap added that tightly-regulated sectors, such as financial services, healthcare, and government, are “typically underserved” in terms of collaboration tools available to them.

While Slack already encrypts data in transit and at rest, the Slack EKM provides customers from these markets with the ability to control their own security keys, including the ability to revoke them if needed.

The move to add EKM came as a result of demand from customers: “EKM is a key requirement for growing enterprise companies of all sizes, and was a requested feature from many of our Enterprise Grid customers,” said Belknap.

Users of the tool can cut off access to content at any time, which is especially useful for companies using the platform to communicate to parties outside of the platform in the event of a security threat or suspicious activity, Belknap explained.

In addition, users can gain an inside view of Slack through its Audit Logs API. Customers can see detailed logs of when and where their data is being accessed, so they can be alerted of risks and anomalies instantly.

Slack isn’t the only tool of its kind to cater to customers with security front of mind. Wire sells itself as an “end-to-end encrypted enterprise collaboration platform”, and last week revealed findings from its Communications and Security survey, which found that 92 percent of business executives agree collaboration tools are the best communications solutions to offer employees.

The company predicted that companies would need to consider how to make new communications methods more secure, as Generation Z, which favors the flexibility of collaboration tools over ‘traditional’ methods such as email, makes up a growing portion of the workforce.

EKM comes at an additional cost for Slack Enterprise Grid customers, but for other customers, Belknap urges users to remember a few simple rules to ensure a basic level of security when using workplace collaboration tools.

# 1 | Always know who you are inviting to your workspace

# 2 | Make smart decisions about which apps you use and permissions that go with it

# 3 | Always review access logs so that one can be on the lookout for any inappropriate behavior