Illustrated graphic of a bright, dimensional basic lock, featuring a shield on its body.
Security at Slack

Enterprise-grade data protection

Trust Slack to keep your data secure and meet your compliance requirements.

Security features for more control, visibility and flexibility

Identity and device management

Ensure that only the right people and approved devices can access your company’s information in Slack with features like single sign-on, domain claiming and support for enterprise mobility management.

Data protection

By default, Slack encrypts data at rest and data in transit for all of our customers. We further protect your data with tools like Slack Enterprise Key Management (Slack EKM), audit logs, and integrations with top data loss prevention (DLP) providers.

Information governance

Slack offers governance and risk-management capabilities flexible enough to meet your organization’s needs, no matter what they are. This includes global retention policies, custom terms of service, and support for eDiscovery.

The security program at Slack protects our organization and your data at every layer

Compliance certifications and attestations

Meet specific industry regulations and international security and data privacy standards

HIPAA Logo

Health Insurance Portability and Accountability Act (HIPAA)

Slack can be configured for HIPAA compliance, including electronically protected health information (e-PHI).

Request requirements for HIPAA entities

FINRA Logo

Financial Industry Regulatory Authority (FINRA)

Slack is FINRA 17a-4 configurable so your team can collaborate and still meet your compliance requirements.

FedRAMP Logo

Federal Risk and Authorization Management Program (FedRAMP)

Slack is FedRAMP Moderate authorized so organizations in the public sector can use our platform in a compliant manner.

View our authorization

Data residency

Data residency for Slack lets organizations choose the country or region where they want to store their encrypted data at rest.

Find out more on data residency

EU General Data Protection Regulation (GDPR)

Slack is committed to helping users understand their rights and obligations under the General Data Protection Regulation (GDPR). Slack has specific customer tools and processes to ensure compliance with GDPR requirements.

Learn about Slack’s GDPR commitment

Industry-accepted best practices and frameworks

Our security approach focuses on security governance, risk management and compliance. This includes encryption at rest and in transit, network security and server hardening, administrative access control, system monitoring, logging and alerting, and more.

Read the white paper

Slack's security controls also align to the National Cyber Security Centre's (NCSC) cloud security principles. Read more

More on security at Slack

Illustrated graphic image of a balls on multi-directional sets of stairs.
Partners

Meet our security and compliance partners

Learn More
Illustrated graphic of an outline of a lock surrounded by lines implying information moving.
Feature

Slack Enterprise Key Management

Learn More
Photograph of an urban building with a close-up of the RBC sign featuring their logo.
Customer Story

RBC’s tech teams explore new ways of working with Slack

Read Story
Illustrated graphic image of a balls on multi-directional sets of stairs.
Partners

Meet our security and compliance partners

Learn More
Illustrated graphic of an outline of a lock surrounded by lines implying information moving.
Feature

Slack Enterprise Key Management

Learn More
Photograph of an urban building with a close-up of the RBC sign featuring their logo.
Customer Story

RBC’s tech teams explore new ways of working with Slack

Read Story