Slack unveils new admin security controls

Slack logo on a mobile
(Image credit: Shutterstock)

Slack has introduced a slew of security features to give IT admins more control over which employees can use the service and how.

These new features will help to implement limits on users and devices, including blocking both from accessing their company's Slack account if they're deemed to be suspicious or unsecured.

The changes follow on from the company's Enterprise Grid service, which was launched last year and promised more user efficiency and tighter security.

"Without proper controls in place, mobile applications can open your employees up to new security risks," Slack wrote in a blog post. "To alleviate that, we're rolling out new functionality to ensure that only the right people and approved devices can access your company's information in Slack."

To start, Slack is introducing new secondary authentication controls, allowing admins to implement additional layers of security in the form of Face ID, Touch ID, or generated passcodes. This also comes with a time limit function, after which users have to re-authenticate. There are also session management tools to remotely wipe a user's mobile or desktop session in the event their device is lost or stolen.

Alongside these, Slack also unveiled data sharing protections. New domain whitelisting tools will be available for admins to control which workspaces can be accessed by its employees. Slack said this not only shores up sensitive company information, but it will also help teams focus on their immediate workloads. Another related feature blocks users from downloading company information to an unmanaged device.

This is just the beginning, according to Slack. Session management controls will soon be added to the admin dashboards, which will allow them to define the maximum number of devices a single employee can be logged into at one time. What's more, the company is working on a feature where admins can detect if a device has been jailbroken and then block its access to the app.

Slack said these new features are designed for IT professionals "who want to modernise and improve how their organisations work while maintaining compliance with their industry".

For Jake Moore, cyber security specialist at ESET, it shows that security is slowly becoming important to the normal user, delivering what the people want rather than what the industry thinks the consumer needs.

"With Slack making great steps forward, adding more prominent security functions, it will hopefully make people more aware of the importance of authentication and other protection techniques," he said. "It might even push other manufacturers into rolling out similar features as default."

Bobby Hellard

Bobby Hellard is ITPro's Reviews Editor and has worked on CloudPro and ChannelPro since 2018. In his time at ITPro, Bobby has covered stories for all the major technology companies, such as Apple, Microsoft, Amazon and Facebook, and regularly attends industry-leading events such as AWS Re:Invent and Google Cloud Next.

Bobby mainly covers hardware reviews, but you will also recognize him as the face of many of our video reviews of laptops and smartphones.

Latest in Security
Ransomware concept image showing a warning symbol in red with binary code in background.
Healthcare systems are rife with exploits — and ransomware gangs have noticed
Application security concept image showing a digitized padlock placed upon a digital platform.
ESET looks to ‘empower’ partners with cybersecurity portfolio updates
NHS logo displayed on a smartphone screen in white lettering on a blue background.
NHS supplier hit with £3m fine for security failings that led to attack
OpenAI logo and branding pictured at Mobile World Congress 2024 in Barcelona, Spain.
OpenAI announces five-fold increase in bug bounty reward
Cybersecurity concept image symbolizing third-party data breaches with give padlock symbols and one pictured in red, signifying a security breach.
These five countries recorded the most third-party data breaches last year
Phishing concept image showing an email symbol with fishing hook.
Have I Been Pwned owner Troy Hunt’s mailing list compromised in phishing attack
Latest in News
Ransomware concept image showing a warning symbol in red with binary code in background.
Healthcare systems are rife with exploits — and ransomware gangs have noticed
Application security concept image showing a digitized padlock placed upon a digital platform.
ESET looks to ‘empower’ partners with cybersecurity portfolio updates
Male software engineer working on a laptop at a home office desk with two PC monitors sitting on top of desk.
‘This shift highlights not just a continuation but a broad acceptance of remote work as the norm’: Software engineers are sticking with remote work and refusing to budge on RTO mandates – and 21% would quit if forced back to the office
Databricks logo and branding pictured on a MacBook Pro screen.
Databricks and Anthropic are teaming up on agentic AI development – here’s what it means for customers
Dell Technologies logo and branding pictured at the company's stall at Mobile World Congress (MWC) in Barcelona, Spain.
Scale of Dell job cuts laid bare as firm sheds 10% of staff in a year
Male employee sitting at a desk working on a laptop with earphones in and books scattered on desk.
Employees want purpose, and they’re willing to quit to find it – upskilling, career growth, and work-life balance have shifted priorities for workers