Links to external files
Your teammates can share files outside their workspace on the Internet by creating an
external link for any file. At the same time, admins can't control this process in any way,
which means attackers can get access to your sensitive documents.
To avoid this outside threat, limit the ability to create external links through the Admin panel.
Limit the number of admins
In Slack, it's common to assign the admin role to a group of members. They can then
grant the same rights to more people, and so on. This can create security risks.
Consider minimizing the number of admins. At the very least, you should know who has
admin rights and check this list regularly. Do all your admins really have to be in that role?
Restrict access
Admins have the right to restrict access to your Slack and to restrict access to channels for
some users. Make use of this when necessary.
1. By default, only Admins can invite new people to your Slack. You may leave it as-is so
that your colleagues don't invite someone from the outside.
2. Use Guest accounts to restrict access to channels with sensitive data for freelancers
and part-time workers.
3. Deactivate the Slack accounts of those who no longer work at your company.
Monitor Slack apps in your workspace
1. Usually, all your teammates can install any third-party app from the Slack App Directory. If
you deem it necessary, limit the number of people who have the right to add new apps.
2. Internal integrations you build use the Slack API secret token of your workspace. Don't
share this token with anyone, to avoid possible security risks.
Enable two-factor authentication (2FA) for all users
This authentication method uses a person's second device (usually a cell phone), where they
get a unique confirmation code. It's used in combination with the user's password to access
Slack.
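
An added example (not part of the original guide) covering the admin-list review and the 2FA check described above: it audits a member list shaped like the `members` array of Slack's `users.list` API response. The sample data is constructed, `max_admins` is a hypothetical policy threshold, and it is assumed that `has_2fa` is only returned when the list is exported with an admin's token.

```python
# Added example: audit a Slack member list for admin sprawl and missing 2FA.
# SAMPLE_MEMBERS is constructed data shaped like the "members" array returned
# by Slack's users.list Web API method; replace it with your own export.
SAMPLE_MEMBERS = [
    {"name": "alice", "is_admin": True, "is_owner": True, "has_2fa": True},
    {"name": "bob", "is_admin": True, "has_2fa": False},
    {"name": "carol", "has_2fa": True},
    {"name": "dave", "is_restricted": True},  # guest, 2FA field absent
    {"name": "erin", "is_admin": True, "deleted": True, "has_2fa": False},
    {"name": "buildbot", "is_bot": True},
    {"name": "frank", "is_admin": True, "has_2fa": True},
]


def audit_members(members, max_admins=2):
    """Summarise who holds admin rights and who lacks 2FA.

    max_admins is a hypothetical local policy threshold, not a Slack setting.
    """
    # Deactivated accounts and bot users are out of scope for this check.
    active = [m for m in members if not m.get("deleted") and not m.get("is_bot")]
    admins = sorted(m["name"] for m in active
                    if m.get("is_admin") or m.get("is_owner"))
    # Distinguish "2FA off" from "field not returned" so gaps are not hidden.
    no_2fa = sorted(m["name"] for m in active if m.get("has_2fa") is False)
    unknown_2fa = sorted(m["name"] for m in active if "has_2fa" not in m)
    guests = sorted(m["name"] for m in active
                    if m.get("is_restricted") or m.get("is_ultra_restricted"))
    return {
        "admins": admins,
        "too_many_admins": len(admins) > max_admins,
        "admins_without_2fa": sorted(set(admins) & set(no_2fa)),
        "no_2fa": no_2fa,
        "unknown_2fa": unknown_2fa,
        "guests": guests,
    }


if __name__ == "__main__":
    for finding, value in audit_members(SAMPLE_MEMBERS).items():
        print(f"{finding}: {value}")
```

Entries under `unknown_2fa` mean the export did not include the field for that account, so verify those users by hand rather than treating them as compliant.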