Security at Slack

We take security seriously here at Slack and we’re proud to exceed the industry standard when it comes to protecting your organisation.

Security at Slack

Slack and the EU General Data Protection Regulation (GDPR)

Slack is committed to helping our users understand the rights and obligations under the General Data Protection Regulation (GDPR), which took effect on 25 May 2018.

We have introduced tools and processes to ensure our compliance with requirements imposed by the GDPR and to help our customers comply as well.

To learn more about our GDPR compliance, please read our GDPR policy.

Security features

Data encryption in transit and at rest

SAML-based SSO

SCIM provisioning

Granular app management

Custom message retention

Slack Enterprise Key Management (Slack EKM) (Add-on for Slack Enterprise Grid)

Support for data loss prevention (DLP), enterprise mobility management (EMM), HIPAA and e-discovery

(Slack Enterprise Grid only)

Slack Enterprise Key Management (Slack EKM)

Bring your own keys for complete control and visibility of access to your data in Slack – all with minimal disruption to teamwork and collaboration. Slack EKM is available as an add-on for Slack Enterprise Grid.

Learn more about Slack EKM

Our partners

MobileIron logo
VMware logo
Blackberry logo
Relativity logo
Bloomberg logo
Palo Alto Networks logo
Skyhigh logo
Netskope logo
Illustration of a security “white paper” book

Security white paper

Learn about how Slack ensures the security of your data in our care and how you can best use Slack to improve security at your company.

Read the security white paper

Illustration of someone looking at a machine

HIPAA compliance

Review details about configuring and controlling your company’s use of Slack for HIPAA-compliant collaboration.

Learn more about Slack & HIPAA

Image of Geoff Belknap, Slack’s CSO

Meet Slack’s CSO

Find out what the team is working on in this Q&A with our CSO Geoff Belknap.

Read about Slack’s CSO

Security questions or issues?

Read more about security practices, privacy policy, terms of service and GDPR policy.

Contact us