Slack unveils new admin security controls
Collaboration platform now supports 2FA, data sharing limits and device blocking
Slack has introduced a slew of security features to give IT admins more control over which employees use can use the service and how.
These new features will help to implement limits on users and devices, including blocking both from accessing their company's Slack account if they're deemed to be suspicious or unsecured.
The changes follow on from the company's Enterprise Grid service, which was launched last year and promised more user efficiency and tighter security.
"Without proper controls in place, mobile applications can open your employees up to new security risks," Slack wrote in a blog post. "To alleviate that, we're rolling out new functionality to ensure that only the right people and approved devices can access your company's information in Slack."
To start, Slack is introducing new secondary authentication controls, allowing admins to implement additional layers of security in the form of Face ID, Touch ID, or generated passcodes. This also comes with a time limit function, after which users have to re-authenticate. There are also session management tools to remotely wipe a user's mobile or desktop session in the event their device is lost or stolen.
Alongside these, Slack also unveiled data sharing protections. New domain whitelisting tools will be available for admins to control which workspaces can be accessed by its employees. Slack said this not only shores up sensitive company information, but it will also help teams focus on their immediate workloads. Another related feature blocks users from downloading company information to an unmanaged device.
This is just the beginning, according to Slack. Session management controls will soon be added to the admin dashboards, which will allow them to define the maximum number of devices a single employee can be logged into at one time. What's more, the company is working on a feature where admins can detect if a device has been jailbroken and then block its access to the app.
Slack said these new features are designed for IT professionals "who want to modernise and improve how their organisations work while maintaining compliance with their industry".
For Jake Moore, cyber security specialist at ESET, it shows that security is slowly becoming important to the normal user, delivering what the people want rather than what the industry thinks the consumer needs.
"With Slack making great steps forward, adding more prominent security functions, it will hopefully make people more aware of the importance of authentication and other protection techniques," he said. "It might even push other manufacturers into rolling out similar features as default."
How to scale your organisation in the cloud
How to overcome common scaling challenges and choose the right scalable cloud serviceDownload now
The people factor: A critical ingredient for intelligent communications
How to improve communication within your businessDownload now
Future of video conferencing
Optimising video conferencing features to achieve business goalsDownload now
Improving cyber security for remote working
13 recommendations for security from any locationDownload now