Workspace administration Learn how to manage your Slack workspace or Enterprise Grid org.
Next Previous
Actions,activity,access logs,accessibility,add,add an app,Add members,Add to Slack,administrators,all passwords,analytics,android,announcement,announcements,App Directory,app icon,Apple Watch,approving apps,archive,Asana,Atlassian,Automation apps,badge,billing details,billing,Bitbucket,bot user,box,browse,calls,Calls:,cancel,changes,channels,channel instantly,channel management,channel notification,channel suggestions,claim domains,close,company culture,compliance exports,compose,computers,conversations,convert,connect,connected accounts,connection,connecting,copy messages,create,customization,customize,custom SAML,custom,customer support teams,data exports,data security,deactivate,default channels,delete,deletion,deploy slack,desktop,direct messages,directory,disable,discover and join,Discovery APIs,display name,DMs,Do Not Disturb,domain,domains,downgrade,dropbox,duplicate accounts,edit,editing,education,email address,email,emoji,emoticons,Enterprise Grid,Enterprise Mobility Management,executives,export,failed payments,Fair Billing,faqs,finding,format,formatting,framework for apps,free trials,general,getting started,giphy,github integration,github organization,github,glossary,google apps,google calendar,google drive,guests,highlights,hipchat,human resources,IFTTT,import,Incoming WebHooks,integrations,ios,invite,IT teams,JIRA,join,Keep up,keyboard layout,keyboard shortcuts,Keychain Access,keyword notifications,language,languages,leave,link previews,loading,limits,links,linux,mac,manage a workspace,manage apps,manage members,marketing,mention,merge,message actions,messages are displayed,message display,microsoft products,mobile,mobile push,move channels,moving workspaces,multiple,mute,name,names,noise,nonprofits,notify,OneDrive,onboard,owners,password,payment,payments,permissions,phones,pin,plan,plans,plus plan,polls,primary ownership,privacy policies,prioritize tasks,private,private channel,private notes and files,project management,public channel,purpose,Quick Switcher,quote,reactivate,read,recruitment,referrer information,reminder,remove,rename,retention,Request a new workspace,role,roles,RSS,sales,Salesforce,SAML,SCIM,SCIM provisioning,screen reader,search,send,session duration,share messages,share,shared channel,shared channels,sidebar,sign in,sign out,signup mode,single sign-on,Slack Day,Slack for Teams,Slack notifications,Save notes and files,Service Level Agreements,ServiceNow,sign up,slack status,slackbot,slash commands,snippet,snooze,software developers,star,statistics,Stride,sync,tablets,tax,threads,time zone,tips,to-do lists,topic,triage channels,Terms of Service,Trello,troubleshoot,trouble receiving,tour,twitter,two-factor authentication,unread messages,updates,upgrade,upload,username,user groups,URL,vacation,Vendor and remittance,video,voice call,voice,what is,what's important,whitelisting,windows phone,windows,working in,workspace apps,workspace creation requests,workspace discovery,workspace's settings,wunderlist,your actions,Zapier,zoom,features,#general,File storage,posts,dark mode,theme,Workflow Builder,Voice,video,screen sharing,workflows,Outlook Calendar,Invited members,Transfer ownership,Whitelist,Enterprise Key Management,Transport Layer Security,Strong customer authentication,CSV,text file,work hours,
Search for “[term]” See [n]+ more results →
Slack Enterprise Key Management Slack Enterprise Key Management (EKM) is a security add-on for the Enterprise Grid and GovSlack plans you can use to control and get visibility into how your organization’s data is accessed in Slack.
What to expect
Use your own encryption keys (stored in Amazon's Key Management Service) to encrypt messages and files.
To minimize disruption for members of your organization, you can revoke granular access to encryption keys.
Org members can use Slack as normal, even if some data has restricted access.
With data residency for Slack , new EKM customers can choose to create and store encryption keys in a specific data region.
Data encrypted with customer-controlled keys
The following categories of customer data will be encrypted at rest with keys stored in the customer’s AWS account:
Messages, canvases , and snippets
Files (ex., images, docs, clips , etc.) uploaded to the Slack Service
Search index of Customer Data
Messages and files generated by apps or bots (except Slackbot)
Sidebar custom sections
Any data collected by an app deployed to Slack's managed infrastructure, as well as the app's datastores, developer secrets, and logs
The following categories of data may be encrypted at rest with keys generated and stored by Slack:
Slack member profiles, including custom statuses
Channel names, topics, descriptions, and bookmarks
File names
Workspace and channel membership information
Slackbot messages
Data used to measure seat count, usage, and revenue
Data used for analytics and to measure quality of service, ex. sanitized logs
IDs generated by Slack on behalf of the customer
Note: When you enroll in EKM, any existing data will be encrypted with customer-controlled keys.
If external organizations are working together in Slack Connect , the shared contents are covered by EKM in the following ways:
Each organization’s messages will be encrypted with their EKM keys, if applicable.
The search index for Slack Connect channels with be duplicated and encrypted with each customer’s EKM keys.
If an organization is removed from a Slack Connect channel, they'll retain an archived copy if they have permission to post, invite, and more .
Ready to learn more? Contact our Sales team to get started.
Who can use this feature?
Org Owners and Org Admins
Available for the Enterprise Grid plan
Thanks so much for your feedback!
If you’d like a member of our support team to respond to you, please send a note to feedback@slack.com .
If you’d like a member of our support team to respond to you, please send a note to feedback@slack.com .
If you’d like a member of our support team to respond to you, please send a note to feedback@slack.com .
