How to plug potential security breaches by Slack users

By Anurag Kahol, CTO at Bitglass


In recent years, Slack has transformed from a relatively unknown cloud application into one of the world’s most popular team collaboration solutions.

For many enterprises, Slack is initially used in small, unsanctioned (shadow IT) deployments amongst internal workgroups. From there, use of the app typically balloons so quickly that it simply cannot be ignored. Today, Slack boasts over 10 million daily active users and more than 85,000 paying customers worldwide.

As organisations allow sensitive information to move off premises and into the cloud, they need to take concrete steps to ensure their data is being secured properly. This effort comes with many challenges, but modern security solutions built for the cloud enable enterprises to embrace its benefits.

Data overload

Every day, Slack users send billions of messages and files to each other. It has even become its own verb: “I’ll Slack you” has entered the global vernacular as shorthand for sending information via the platform.

While Slack can do wonders for business productivity, it can also cause major security headaches. Employees are able to share a wide range of sensitive files with each other on the app, from architecture diagrams and proprietary code to personally identifiable information (PII), financial data, and more. Obviously, this could all be extremely damaging in the wrong hands.

Unfortunately, most companies lack the resources needed to manually monitor all of the information passing through the application. Additionally, Slack’s private channels and direct messaging capabilities mean that IT admins often have no direct visibility over what information is being shared, creating another security risk.

Best practices

There are simple practices that organisations should apply when employees are using collaboration tools such as Slack.

Organisations should make sure their employees receive regular training on best practices for cloud security. Employees should be educated on the organisation’s specific preferences and requirements about who has access to what data. Good password hygiene is another basic yet helpful tactic.

Clearly, the guidelines should also be bolstered by the use of relevant cloud security tools. This is especially true for enterprises that use Slack on a consistent basis or as their primary business collaboration tool.

Such organisations require a solution that provides comprehensive visibility and highly granular levels of control. In other words, organisations must be able to monitor and manage the flow of messages and files so that they can guard sensitive information in the cloud.

CASB solution

One of the best ways of doing so is by using a Cloud Access Security Broker (CASB). These solutions provide robust controls for how and when users can access applications like Slack, and also deliver visibility and control over how data is shared within it.

Leading CASBs allow organisations to see the sensitive data being shared, who is sharing it, what type of data it is, and where it has already been shared. To prevent sensitive data patterns from falling into the wrong hands, organisations can set up policies within a CASB that automatically hide data in Slack messages and files as needed.
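The kind of policy described above, sketched as an added example (not part of the original article and not any vendor's code): it flags sensitive data patterns in messages, records who shared them, where and of what type, and hides the values. The message fields, channel names and patterns are constructed for illustration.

```python
import re

# Candidate card numbers: 13-19 digits, optionally separated by spaces or hyphens.
CARD_RE = re.compile(r"\b\d(?:[ -]?\d){12,18}\b")
# US SSN in the common AAA-GG-SSSS layout.
SSN_RE = re.compile(r"\b\d{3}-\d{2}-\d{4}\b")

def luhn_ok(digits: str) -> bool:
    """Luhn checksum, used to discard digit runs that are not card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0

def apply_policy(message: dict) -> tuple[dict, list[dict]]:
    """Return a redacted copy of the message plus one finding per match."""
    findings = []

    def record(kind):
        # Who shared it, where it was shared, and what type of data it is.
        findings.append({"type": kind, "user": message["user"],
                         "channel": message["channel"]})

    def mask_card(m):
        digits = re.sub(r"\D", "", m.group())
        if not luhn_ok(digits):
            return m.group()  # e.g. an order number: leave untouched
        record("card_number")
        return "[REDACTED card ending " + digits[-4:] + "]"

    def mask_ssn(m):
        record("ssn")
        return "[REDACTED ssn]"

    text = CARD_RE.sub(mask_card, message["text"])
    text = SSN_RE.sub(mask_ssn, text)
    return {**message, "text": text}, findings

# Constructed sample events (hypothetical field names, well-known test card number).
SAMPLE = [
    {"user": "U100", "channel": "D-private", "text": "card is 4111 1111 1111 1111 exp 12/30"},
    {"user": "U200", "channel": "C-general", "text": "order 1234567890123456 shipped"},
    {"user": "U300", "channel": "G-hr", "text": "SSN 078-05-1120 for onboarding"},
]
```

The Luhn check is what keeps the order number in the second sample from being masked as a card, which is the false-positive control any pattern-based policy needs.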

CASBs also provide a breadth of other capabilities that are indispensable for securing the use of Slack and defending enterprise data. Multi-factor authentication (MFA) verifies user identity beyond the mere use of a password, data loss prevention (DLP) extends varied levels of data access to users based on their needs and privileges, while advanced threat protection (ATP) prevents malware from proliferating through the cloud.

By integrating with Slack’s API (application programming interface) and proxying user traffic, a CASB can automatically scan an enterprise’s entire Slack deployment across all its teams and channels while enforcing real-time policies that secure user behaviour even within private channels and direct messages. This is how the CASB solution discovers, identifies, and automatically mitigates the risk of sensitive data leakage, saving IT security teams significant time.

Leading CASBs are agentless, enabling enterprises to achieve the desired level of visibility and control over data within Slack without having to install agents on every device.

This can be particularly beneficial in large organisations with thousands of employees, as installing agents on all devices used to access corporate data can be logistically challenging. Without an agentless CASB, the regular software updates that must be rolled out for each device’s agent force the organisation to dedicate extensive resources to an otherwise simple task.

Agentless solutions are critical in bring-your-own-device (BYOD) environments where employees are allowed to use Slack and work from their personal endpoints, but do not want code or apps installed on them for fear of having their privacy invaded.

As agent-based tools capture all traffic on the devices where they are installed (corporate and personal alike), employees typically resist them. An agentless CASB with a full feature set is critical for comprehensive, deployable Slack security that respects user privacy.

As the popularity of Slack continues to grow at an exponential pace, many organisations are struggling with how they can best maintain data security as they use it – particularly from an end-user perspective. Solutions like CASBs allow organisations to achieve robust cybersecurity in the cloud, enabling them to enjoy the productivity benefits of Slack or any other cloud application.
