The popularity of Slack is growing at an exponential rate, but many organisations are still struggling with how to best maintain data security
In a few short years, Slack has transformed from a relatively unknown cloud application into one of the most popular team collaboration solutions in the world. For many enterprises, Slack is initially used in small, unsanctioned (shadow IT) deployments amongst internal workgroups. From there, use of the app typically balloons so quickly that it simply cannot be ignored. Today, Slack boasts over 10 million daily active users and more than 85,000 paying customers worldwide.
As organisations allow sensitive information to move off premises and into Slack, they must take concrete steps to ensure that their data is being used and secured properly. This article will look at some of the key challenges faced amidst this effort, as well as how they can be overcome through the use of modern security solutions that are built for the cloud.
Every day, Slack users around the world send billions of messages and files to each other. It has even become its own verb; “I’ll Slack you” has entered the global vernacular as shorthand for sending information via the platform.
While Slack can do wonders for business productivity, it can also cause major security headaches. Employees are able to share a wide range of sensitive files with each other on the app, ranging from architecture diagrams and proprietary code to personally identifiable information (PII), financial data, and more; naturally, all of this could be extremely damaging in the wrong hands.
Unfortunately, most companies lack the resources needed to manually monitor all of the information passing through the application. Additionally, Slack’s private channels and direct messaging capabilities mean that IT admins often have no direct visibility over what information is being shared, creating an obvious security risk.
There are, of course, simple best practices that organisations should apply when employees are using collaboration tools like Slack. For example, they should make sure that their employees receive regular training on best practices for cloud security. They should also educate all of their employees on their specific preferences and requirements regarding who can access certain types of data. Good password hygiene is another basic yet helpful tactic.