Blog

Understanding Slack’s Privacy Settings

If you’re working in an office in 2019, chances are your company uses Slack to communicate internally. It’s a wonderfully-designed app that allows employees to easily communicate in groups and individually. Quick and intuitive communication is essential, but it’s increasingly important to focus on the privacy issues that these kind of apps may create. With Slack in particular, there are a few settings to keep in mind.

Your Direct Messages Aren’t Fully Private

When you use a paid Slack plan, there’s a chance that the IT team at your office can read your direct messages. You can check if that setting is enabled by logging into Slack on your web browser and heading to slack.com/account/team and selecting the “Retention & Exports” tab. If your administrator has enabled access to everything, you’ll see the sentence “Workspace Owners can export messages and files from public channels. Workspace Owners can also export messages and files from private channels and direct messages.”

Editing Messages is Sometimes Not Enough

If you’re a daily Slack user, you’ve likely noticed that you can edit a message after you’ve sent it. This is a handy feature that helps with typos and grammatical issues, but it shouldn’t be used as a measure to cover your tracks in case you sent a message that you shouldn’t have sent at work. Be sure to read the fine print on the “Retentions & Exports” tab in your settings. For some paid plans, it specifies that all “messages (and their revision history) are never deleted.” If that’s the case, there’s not really anything you can do.

General Safety Rules Apply

Since much of your data privacy is out of your hands with Slack, it’s smart to use any and all cybersecurity tips in your arsenal. For one, you should use a specific and unique password. Be sure to check out our blog here about password protocol here. Secondly, you need to make sure that if you leave your job, your Slack history gets fully deleted. You have to ask the workspace “primary owner” to ask Slack to delete your profile info. They’ll then email Slack at feedback@slack.com with a specific deletion request, noting “the member’s email address and your workspace URL. Lastly, it’s wise to just exercise caution across the board. Avoid sending personal information or financial details over any online messaging platform.

Some Settings Depend on Admin Rules

There are some additional settings you can apply if your workspace administration permits. One of them is the message retention feature. From the main dashboard, click the gear icon to open the Channel Settings menu, and if you see the “Edit message retention” feature, you should click it. This feature allows you to decide how long your messages are saved in the app. You may also have the option to enable two-factor authentication on your account, which would make it more difficult for hackers to access your profile. Head to slack.com/account/team again and see if you can tweak the setting there. The first step to protecting yourself from harm is getting informed, so we hope you read this blog carefully and apply it wherever you can.

 

Was this helpful? Leave us a comment below.