Shared channels and security icon, hashtag with lock
Training

Shared channels: your security FAQ

Shared channels are built to help your team work with external organisations in Slack while keeping your company’s data and information secure.

Admin controls

Who can create shared channels?

Only admins and owners can create shared channels, share existing channels, disconnect existing channels and accept requests to share channels. For customers on Enterprise Grid, this defaults to org owners and admins, with the option to designate these permissions to additional people, such as workspace admins or anyone you specify.

How should admins vet inbound invitations?

If you’re unsure what a proposed shared channel is for or who the invitation is from, you have a few options:

  • Don’t accept the invitation. You can decline any invitation you receive.
  • Email the sender for clarification using the email address included in the request.
  • Ask your members for more info about the request if they’re already working with the sender in some capacity.

In the channel administration section of the Grid dashboard, org owners and admins can choose whether or not your organisation can receive shared channel requests from external organisations.

What’s the role of the admin dashboard?

The admin dashboard provides an overview of how your organisation is working externally and a record of all communication with external partners. This includes:

  • A list of all the external organisations that you are connected to
  • An account of any connections to outside organisations, including shared channels and direct messages
  • The ability to stop sharing all channels with a particular external organisation (including private channels and DMs)

What every admin needs to know

How do apps and integrations work in shared channels?

In shared channels, apps can be used just like in any other channel context. When it comes to specific functionality, keep the following in mind:

 

 

As with any app you install, make sure your admins understand how these apps work with Slack. For greater visibility, consider asking the admins of the connecting workspace what apps (if any) they plan to install in the shared channel.

 

Can I disconnect a shared channel?

Should the shared channel be disconnected, the host workspace (organisation who sent the invitation) will be able to continue using the channel after disconnect. The connecting workspace (organisation who received the invitation) will get a read-only copy that becomes archived. Direct messages between the two connecting organisations can be disconnected separately.

Who can edit and delete messages in a shared channel?

Message editing and deletion settings for your workspace or Enterprise Grid org will apply to shared channels too. For example, workspace admins can delete messages sent by members of their workspace but not those sent by a member of an external organisation.

Can I verify how an outside member accesses a shared channel?

As with external email, you cannot currently verify that a member outside your organisation is accessing the shared channel from a secure device, behind a corporate firewall or VPN or via single sign-on (SSO). Please speak to the organisation you’re sharing with to determine how their users access Slack.

Security and compliance overview

Export tools and data loss protection (DLP)

On the Standard and Plus subscriptions, workspace owners and admins can use Standard Export to export content from public shared channels as with regular channels. On the Plus subscription, workspace owners can use Corporate Export to export content from public and private shared channels and all the related direct messages shared across two workspaces.

The Discovery API can read all messages in shared channels, but only the messages posted by members of your workspace can be edited or deleted. The Discovery API will not capture the display names from members outside your organisation.

Message and file retention

At the moment, custom message and file retention policies aren’t supported. That means that retention is set to unlimited in shared channels and both workspaces will be able to export the data. Custom retention also doesn’t apply to any direct messages or group DMs sent between members of the two Slack workspaces.

Your custom retention policy will still be in effect for all your other non-shared channels.

Enterprise Key Management (EKM)

EKM customers will be able to use shared channels; however, messages and files sent in shared channels cannot currently be encrypted using your own keys.

Messages and files in all other channels within Slack will still be encrypted using your keys. Once EKM becomes supported across shared channels, EKM will retroactively apply to all your messages and files in shared channels.

Was this resource useful?

0/600

Nice one!

Thanks a lot for your feedback!

Got it!

Thanks for your feedback.

Whoops! We’re having some problems. Please try again later.