Shared channels and security icon, hashtag with lock

Working with external organizations in Slack: Your security FAQ

Help your team work with external organizations in Slack, while keeping your company’s data and information secure.

Admin controls

Who can share a channel?

Users can share a channel by sending an invitation link to their external partner. Depending on your settings, admins on each side must approve the channel and can disconnect the channel at any time. For customers on Enterprise Grid, this defaults to org owners and admins, with the option to designate these permissions to additional people, such as workspace admins or anyone you specify.

How should admins vet inbound invitations?

If you’re unsure what a proposed channel is for or who the invitation is from, you have a few options:

  • Don’t accept the invitation; you can decline any invitation you receive
  • Email the sender for clarification using the email address included in the request
  • Ask your members for more info about the request if they’re already working with the sender

In the channel administration section of the Grid dashboard, org owners and admins can choose whether or not your organization can receive channel requests from external organizations.

What’s the role of the admin dashboard?

The admin dashboard provides an overview of how your organization is working externally and a record of all communication with external partners. This includes:

  • A list of all external organizations that you are connected with 
  • An account of any connections with outside organizations, including channels and direct messages 
  • The ability to stop sharing all channels with a particular external organization (including private channels and DMs)

What every admin needs to know

How do apps and integrations work in a channel shared with external organizations?

Apps can be used just like in any other channel context. When it comes to specific functionality, keep the following in mind:

 

 

As with any app you install, make sure your admins understand how these apps work with Slack. For greater visibility, consider asking the admins of the connecting workspace what apps (if any) they plan to install in the channel.

 

Can I disconnect a channel shared with external organizations?

Admins on each side can disconnect existing channels. Should the channel be disconnected, the host workspace (organization who sent the invite) will be able to continue using the channel after disconnection. The connecting workspace (organization who received the invite) will get a read-only copy that becomes archived. Direct messages between the connecting organizations can be disconnected separately.

Who can edit and delete messages in a channel?

Message editing and deletion settings for your workspace or Enterprise Grid org will apply to channels shared with external organizations too. For example, workspace admins can delete messages sent by members of their workspace but not those sent by a member of an external organization.

Can I verify how an outside member accesses a channel?

As with external email, you cannot currently verify that a member outside your organization is accessing the channel from a secure device, behind a corporate firewall or VPN, or via single sign-on (SSO). Please work with the organization you’re sharing a channel with to determine how their users access Slack.

Security and compliance overview

Export tools and Data Loss Protection (DLP)

As with regular channels, on the Standard and Plus plans, workspace owners and admins can use Standard Export to export content from public channels. On the Plus plan, workspace owners can use Corporate Export to export content from public and private channels and all the related direct messages shared across the workspaces. The Discovery API can read all messages in channels, but only the messages posted by members of your workspace can be edited or deleted. The Discovery API will not capture the display names from members outside your organization.

Message and file retention

Messages and all other content from members of your team will abide by your existing policy. Your retention settings will apply only to content from members of your organization. Messages and all other content from people outside your organization will not be affected by your policy but, rather, will be retained or deleted based on their own organization’s policy.

Enterprise Key Management (EKM)

EKM customers will be able to use channels with external organizations; however, messages and files sent are not currently encryptable using your own keys.

Messages and files in all other channels within Slack will still be encrypted using your keys. Once EKM becomes supported in channels shared with external organizations, EKM will retroactively apply to all your messages and files.

Was this resource useful?

0/600

Awesome!

Thanks so much for your feedback!

Got it!

Thanks for your feedback.

Oops! We're having trouble. Please try again later!