Slack Connect security and data policies

Slack Connect is the most secure and productive way for organizations to communicate. Designed to replace email, Slack Connect extends channel-based messaging to everyone you work with — inside and outside your organization. If you administer Slack for your organization, read more about the security and data policies in place that help you securely connect and communicate with external organizations.

 

Requests to share channels

Approving requests

A request to share a channel may need to be approved by the organization that owns the channel and by someone from the invited organization, depending on each organization’s settings.

  • By default, when an invitation to share a channel is accepted, the pending request is sent to the organization that owns the channel for approval.
  • If an invitation is accepted by someone who doesn’t have permission to manage shared channels, the request may also need to be approved by someone from the invited organization who does.
  • Organizations can choose to automatically approve future requests to share channels with trusted organizations.

Note: Slack is working to verify organizations to help ensure your team is collaborating with trusted partners.


Denying requests 

If you’re unsure about a request to share a channel, whether it was sent to or from your organization, you have a few options:

  • Contact the person from your organization who accepted or sent the invitation.
  • Ask the members of your organization for more information about the request.
  • Deny the request.


Setting permissions

With Slack Connect, owners and admins can manage the channels their workspace or Enterprise Grid organization shares with other organizations. They can also grant members permission to manage these channels, and approve and deny requests.

  • On the Standard and Plus plans, Workspace Owners and Workspace Admins can manage channels shared with other organizations, and grant members permission to manage these channels.
  • On the Enterprise Grid plan, Org Owners and Org Admins can manage channels shared with other organizations, and grant members permission to manage these channels.


Messages and files

Message and file retention

In channels you share, the retention settings for your workspace or Enterprise Grid org will only apply to the messages and files sent by members of your organization. Any content sent by members of an external organization will be retained or deleted based on the retention settings chosen for their workspace or Enterprise Grid org.


Message editing and deletion

In channels you share, the message editing and deletion settings for your workspace or Enterprise Grid org will only apply to the messages sent by members of your organization. A message can only be edited or deleted by someone from the organization that sent it.


Enterprise Key Management 

For Enterprise Key Management (EKM) customers, messages and files sent by members of your organization in channels that are shared will be encrypted using your own keys. Messages and files sent by members of external organizations won’t be encrypted with your keys, but may be encrypted with their keys if they're EKM customers.

Note: As of September 2020, Enterprise Key Management (EKM) is available for Slack Connect. EKM retroactively applies to all messages and files sent by members of your organization in the channels you share.


Export tools and Discovery APIs

Export tools

For channels you share,  Slack export tools are available.

  • On the Standard, Plus, and Enterprise Grid plans, Workspace Owners and Workspace Admins can export data from public channels that are shared.
  • On the Plus and Enterprise Grid plans, Workspace Owners and Org Owners can apply to export data from all public and private channels that are shared, and the related direct messages (DMs) between members of external organizations.

Exports will include messages from members of external organizations along with those members’ Slack display names. However, members outside of the exporting organization won’t be captured in the export file’s member list.

Exports will also include links to files uploaded only by members of the exporting organization. Any files uploaded by members of an external organization, and any associated messages, will be excluded.

Note: If an external organization has applied custom retention settings for their workspace or Enterprise Grid org, this will impact the data that can be read in a channel or exported.

Discovery APIs

On the Enterprise Grid plan, Org Owners can use eDiscovery and Data Loss Prevention (DLP) solutions to review and regulate content in channels that are shared.

  • The Discovery APIs allow all organizations in a channel that's shared to read content, regardless of which organization owns the channel. However, only messages and files sent by members of your organization in that channel can be edited or deleted by the Discovery APIs.
  • The display names of members from external organizations won’t be returned via the Discovery APIs user methods, but their names will be returned alongside the conversation history.