Slack Strengthens Cybersecurity Controls

Slack today announced it has made it possible for IT organizations to manage their own encryption keys as part of an effort to enhance the security of its widely employed messaging service.

In addition, Slack is making available audit log data via a Splunk application based in a Slack application programming interface (API) as well as a data residency feature that gives IT organizations control over where their data is stored on the Amazon Web Services (AWS) cloud on which Slack depends.

Finally, Slack has achieved a FedRAMP Moderate certification, which will enable more U.S. government agencies to employ the service.

Larkin Ryder, chief security officer for Slack, said the company is making a concerted effort to provide cybersecurity teams with more visibility into the platform. With more employees now working from home much more regularly to help combat the spread of the COVID-19 pandemic, more organizations are relying on messaging services such as Slack to manage business processes. Tools such as Encryption Key Manager (EKM) for Slack Connect will make it simpler for IT teams to retain control over both their data while gaining more visibility into their overall cybersecurity posture, he said.

Slack Connect provides a console through which administrators can both maintain control over their organization’s data and monitor external access. Slack claims there are now more than 41,000 organizations using Slack Connect. That capability has been extended to include encryption keys that can be managed using the Amazon Key Management Service (KMS).

Slack today also pledged to add a feature to enable administrators to vet external organizations before allowing them to participate in a channel. All verified organizations will be identified with a badge to make it easier to determine which organizations have been deemed credible.

In addition, Slack plans to add an information barrier functionality that will enable administrators to prevent specific user groups from messaging or calling other user groups, and committed to integrating Slack with the Microsoft Intune mobile application management (MAM) platform.

The Slack service first gained traction in the enterprise as a messaging service that teams of developers in different geographic regions would employ to collaborate with one another. Since then Slack has become adopted more broadly as an alternative to relying solely on asynchronous emails. Slack also provides an alternative means to communicate at a time when cybercriminals have increased their efforts to compromise email credentials via what has become a wave of phishing attacks that all share a common COVID-19 theme, noted Ryder.

It’s not clear how much influence cybersecurity professionals are exercising over the selection of messaging platforms. In the weeks following the onslaught of the pandemic, many employees began employing platforms such as Slack on their own initiative. In many cases, the platform selected quickly became the de facto standard. However, now that it appears working from home will be much more common, many organizations are now revisiting their entire IT strategy, including which messaging platform to rely on to secure sensitive communications.

The major rival for Slack is, of course, the Microsoft Teams service. Microsoft has been leveraging its domination of productivity applications and email software in the enterprise to drive the adoption of a complimentary messaging service. Given the level of adoption of Slack at this point, it’s not likely the company will be fading away anytime soon despite Microsoft’s challenge. However, as it looks to expand the range of services it provides beyond simple messaging, it’s clear the next big battle is for control over unified communications services that, sooner than later, will be increasingly subject to large-scale cyberattacks.

Featured eBook
Identifying Web Attack Indicators

Identifying Web Attack Indicators

Attackers are always looking for ways into web and mobile applications. The 2019 Verizon Data Breach Investigation Report listed web applications the number ONE vector attackers use when breaching organizations. In this paper, we examine malicious web request patterns for four of the most common web attack methods and show how to gain the context and … Read More