Bring your own keys
With Slack EKM, you use your own keys—stored in Amazon’s Key Management Service (AWS KMS)—to encrypt messages and files. Administrators can revoke key access granularly, so teams experience minimal disruption. They keep working as usual, and so does Slack.
Peace of mind for the security-conscious
Slack EKM enhances the ability of organizations to share sensitive conversations and files on Slack while still meeting security requirements.
Visibility at every step
Get detailed visibility into how your keys are being accessed—usage of your keys to encrypt and decrypt messages and files in Slack is logged in AWS KMS’s CloudWatch and CloudTrail.
Granularly revoke key access
To address security threats, administrators can revoke access in a very targeted manner. Access to messages and files can be revoked at the organization, workspace, channel, time-frame, and file levels.
Keep collaborating in Slack
The Slack experience—from features to performance—remains the same. Teams can keep collaborating using all the Slack features they know best, even if access to some data is revoked.