Security tips to protect your workspace

At Slack, security is our top priority. We care about protecting your privacy and building a service that you can trust. We’ve rounded up some tools to help workspace owners and admins keep their workspace secure.

Note: If you have additional questions, or notice suspicious activity in your workspace, please contact us – we’d be happy to help.


Set up two-factor authentication

Two-factor authentication (2FA) is an extra layer of sign-in security. With 2FA enabled, members enter a verification code from their mobile device in addition to their Slack password. Using 2FA ensures that even if a password is compromised, access to Slack won’t be granted unless the person signing in is verified from their device.

Members can choose to enable 2FA if they'd like to, but workspace owners can make 2FA mandatory for members. If your company uses an identity provider, consider upgrading and configuring single sign-on for Slack.


Manage apps with care

By default, all members can instal apps to their workspace. Workspace owners can choose to restrict permissions for how members can instal and use apps. Learn more about managing app installation settings.

Note: For internal integrations built by your team, treat the tokens that you generate carefully, and never share tokens with other people or applications. Read how to connect your tools to Slack.


Limit access to your workspace

Slack allows for transparency, and sometimes that means sharing proprietary information or sensitive details. Here are some tips to ensure that only the right people have access to information in your workspace:

  • Only invite people that you know 
    For total control, keep the default setting to only let workspace owners and admins send invitations to new members. If you do allow others to send invitations, review pending and accepted invitations periodically.
  • Deactivate members’ accounts who no longer need access
    Change is constant, and people come and go. Don’t forget to deactivate a member’s account when they leave. Workspace owners on the Plus and Enterprise Grid subscriptions can streamline deactivation with an identity provider using SCIM provisioning
  • Share channels with external organisations
    To work with external partners who don’t need access to all the information in your workspace, you can share channels. This lets you collaborate securely and productively in one centralised place, all from your own workspaces.
  • Use guest accounts and limit the channels that they're invited to
    Some members of your Slack workspace (like contractors, interns or clients) may only need access to certain channels. Guest accounts are a great way to manage who has access to the information they need in your workspace.
  • Manage email display
    Members can find each other’s email addresses in their profiles, but some people may prefer to keep this info private. Workspace owners and admins can choose if members’ email addresses are displayed in their Slack profiles.


Understand Slack usage

On the Standard, Plus and Enterprise Grid subscriptions, workspace owners can view analytics and usage for insight into how members use Slack.