Security

Compliance certifications and regulations

FedRAMP

(Li-SaaS)
Federal Risk and Authorization Management Program

View certificate

NIST 800-171

Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations

SOC 2

(Type Ⅱ)
Trust Services Principles

SOC 3

Service Organization Controls

Download the report

ISO/IEC 27001

Information Security Management System (ISMS)

Download the certificate

ISO/IEC 27017

Security Controls for the Provision and Use of Cloud Services

Download the certificate

ISO/IEC 27018

Protection of Personally Identifiable Information (PII)

Download the certificate

HIPAA

Health Insurance Portability and Accountability Act

Request our Requirements for HIPAA Entities

EU/US Privacy Shield

Swiss/US Privacy Shield

Data Privacy Practices

CSA

Cloud Security Alliance

Slack and the EU General Data Protection Regulation (GDPR)

Slack is committed to helping our users understand the rights and obligations under the General Data Protection Regulation (GDPR), which took effect on May 25, 2018.

We have introduced tools and processes to ensure our compliance with requirements imposed by the GDPR and to help our customers comply as well.

To learn more about our GDPR compliance, please read our GDPR Policy.

Security features

Data encryption in transit and at rest

SAML-based SSO

SCIM provisioning

Granular app management

Custom message retention

Slack Enterprise Key Management (Slack EKM) (Add-on for Slack Enterprise Grid)

Support for Data Loss Prevention (DLP), Enterprise Mobility Management (EMM), HIPAA, and e-Discovery

(Slack Enterprise Grid only)

Slack Enterprise Key Management (Slack EKM)

Bring your own keys for complete control and visibility of access to your data in Slack - all with minimal disruption to teamwork and collaboration. Slack EKM is available as an add-on for Slack Enterprise Grid.

Learn more about Slack EKM