Serg Nvns - Fotolia

Users press for more Slack security, compliance features

Users want more Slack security and compliance controls in the Standard and Plus subscription tiers.

SAN FRANCISCO -- Small and midsize customers are pushing Slack to bring more compliance and security features to cheaper subscription tiers -- and there are signs Slack has begun to heed those demands.

Several crucial Slack security and compliance tools are supported only in Slack's Enterprise Grid, a premium platform for large businesses that includes e-discovery, data loss prevention and enterprise mobility management.

Launched in early 2017, Enterprise Grid is targeted at organizations with tens of thousands of users across multiple Slack workspaces.

But many smaller businesses want access to the same level of security and compliance. And some say they are forced to choose between using Slack in a limited capacity or upgrading to Enterprise Grid.

"I see why they are focusing on Enterprise Grid first," said Luke Rockwell, cloud services administrator for Mapbox, a global, midsize mapping software vendor based in San Francisco. "I just hope they continue to trickle-down features."

Slack mulling who will get access to mobile security features

Photo of Slack Frontiers
Slack held its annual user conference, Slack Frontiers, April 24 to 25 in San Francisco.

Responding to such feedback, Slack is considering whether to make two recently announced mobile security features -- secondary authentication and session management -- available to Standard and Plus plan subscribers.

"We have not determined yet the go-to-market for these features," Ilan Frank, director of enterprise product at San Francisco-based Slack, said in an interview. "They will definitely support Enterprise Grid, but we're not announcing yet which [other] offering these will be in."

Secondary authentication will let customers restrict access to the Slack mobile app by requiring a passcode, a fingerprint or a face scan. Session management will let administrators remotely delete data from the Slack mobile app -- a helpful tool when phones are lost.

Both features were announced last week at Slack Frontiers 2019, the vendor's annual user conference, and are expected to launch later this year.

New Slack security features brought exclusively to Enterprise Grid

Another newly unveiled mobile security feature, which is available now, prevents users from downloading files or copying text through the mobile app. That tool is available only for Enterprise Grid customers using enterprise mobility management products.

"The way I look at it is we have an enterprise offering, and we have two other offerings that we've been able to discount in order to provide it to companies ... not requiring all these advanced security controls" Frank said.

Other recently launched Slack security and compliance features available only in Enterprise Grid include enterprise key management, which lets customers control their encryption codes, and Health Insurance Portability and Accountability Act compliance for files and messages.

"For us to effectively work in Slack, we'd need to go to the Enterprise Gird," said Robert Martin, IT business relationship manager at the Federal Reserve Bank of San Francisco, which is piloting Slack. "That's where the security really comes into play."

Slack doesn't want to force customers onto Enterprise Grid, Frank said. At the same time, Frank acknowledged, bringing more advanced security and compliance features to the cheaper tiers would cost Slack money.

"We are hearing demand for security features in other skews, and so we're thinking about how we provide answers for that," Frank said. "There are all kinds of features that we could take and move to the regular plan, but then we'd have one plan."

In fiscal 2019, Slack relied on 575 large organizations for 40% of revenue, according to financial records. Slack, which lost nearly $139 million last year, will need to continue to grow enterprise revenue to attain profitability.

Dig Deeper on Team collaboration software