Slack For Business

Slack is a collaboration hub for businesses that has exploded in popularity over the last five years. It now has 10 million daily active users, making it by far the leading platform for live chat within businesses. Slack boasts that it’s being used by ‘65 of the top Fortune 100’ companies.

Slack is so familiar that most people seriously underestimate what they could accomplish with it.
Opinions expressed by Entrepreneur contributors are their own.

Try Slack for free with your teammates. All it takes is an email address to get started. Slack is a digital workspace that allows teams and groups to communicate and collaborate on topics and projects. A team is a group of people that you work with every day who use Slack to communicate. A Slack Team is the digital space where you share information. The employees at a small or medium-sized company will be part of one Slack Team. Slack is a messaging program designed for use in the workplace. It's available for desktop and mobile and can be used through the Slack website on a web browser. There's a free version, but if you.

If you work in an office or in the marketing or tech industries, it's likely you've heard of Slack. This communication channel is perfect for discussing internal affairs, managing projects or simply getting to know colleagues.

Slack was introduced to save companies time. The platform cuts out the need for back-and-forth emails, daily meetings to approve small tasks, and even some of the paper trail HR is faced with every year. It also creates a more casual workplace that makes everyone feel more relaxed when at work.

While you may have already heard of Slack and its mound of benefits, it's important to note that there is a number of Slack tricks people don't know about. In this article, I'll tell you about 10 Slack strategies that will help make you a pro in your field.

1. Add Slackbots to the mix.

Slack has jumped on the chatbot bandwagon and now allows companies and individuals to add Slackbots to provide a variety of services. Thanks to platforms like ChattyPeople, you can create a chatbot in a matter of minutes with absolutely no coding knowledge whatsoever.

Its easy-to-use interface comes with a drag-and-drop feature, meaning you can get started quickly and with no added stress. ChattyPeople chatbots can be integrated into a huge variety of messaging platforms, most notably, Slack. Best of all, ChattyPeople is free to get started with, so you can practice before settling on your final design.

Related: 10 Ways Slackbots Will Change the Future of Work

2. Use different channels for individual projects.

The whole point of Slack is to organize your conversations based on projects as well as differentiate between office banter and serious talk. These channels are easy to create and should be organized in a simplistic way so that you can keep your various projects on track.

Make sure to invite relevant people when creating your channels. At the top of each channel, you'll be able to see any information that's been shared since its beginnings, such as files, videos, folders, and so on. Steam mac os 10.9.

3. Customize your notifications.

When learning how to use Slack, it's important to correctly set your notifications. Instead of being disturbed on an hourly basis by various channels, you could tell Slack how often you want to be updated on specific projects. You can change your notifications on both your computer and your mobile application.

Related: Email Is Great But Face-to-Face Meetings Are 34 Times More Successful

4. Learn shortcuts.

As with any computer program, Slack has a number of shortcuts to make your experience that more straightforward. It'll help you avoid countless disruptions while you're hard at work. Of course, there's a mound that you will probably not remember, but if you're driven to increase your efficiency while at work, I highly suggest you check out the shortcuts available. If you have a Windows computer, all you have to do is head over to Slack and hit 'Ctrl' + '/'; for on an Apple computer, use '?' + '/'.

5. Use polls to make decisions quickly.

Unfortunately, even work communications can go on tangents that seem uncontrollable. Luckily, you can easily create polls that allow team members to vote to come to a final decision more effectively.

All you have to do is type '/poll' and you'll be given instructions on how to proceed. Alternatively, you could implement a polling chatbot through a chatbot platform and then create a report based on answers.

Related: 17 Essential Tools for Entrepreneurs

6. Establish your keywords for relevant notifications.

I briefly explained how you can update your notifications in the third strategy; however, you don't have to do so simply based on time. You can schedule your notifications based on words. For example, if you have an urgent project regarding chatbots, Slack could notify you every time the word 'chatbot' comes up in conversation. It's a great way to never miss a beat during an important project.

7. Personalize your Slack interface so you enjoy using it.

It's a well-known fact that we're more compelled to use applications if they have a user-friendly interface that's visually appealing. Instead of sticking with the aubergine or red interface, you can customize it to suit your tastes by going to the preference menu. Alternatively, you can create your own.

Related: 10 Ways to Use Chatbots for Marketing and Sales

8. Use media.

While Slack is predominantly used for live chat conversations, it has the potential to become a very creative and interactive channel that allows for file sharing, emojis and more. Your communication among teams doesn't have to be limited to monochromatic texts. Slack allows you to integrate educational and funny videos, media regarding projects, files for others to view, even emojis, to make everything a little more lighthearted.

9. Integrate with other applications.

You can integrate your Slack with other applications your business utilizes. For example, if your office uses Google Suite, you can link the two, thus allowing teams to access, share, edit, and create files regarding projects directly from Slack. Team members never have to change context to get things done.

In addition to Google Suite, chatbots can be used on Slack to integrate your channels with your calendar, emails, and social media profiles. With these, you'll be able to schedule, edit, and cancel meetings; send messages to friends; and reply to emails.

10. Use it for more than Instant Messaging.

I mentioned above that Slack communications aren't limited to black-and-white pages of text, thanks to emojis and other media. But, through Slack, you can also place calls. The platform has a built-in voice and video calling feature as well as screen sharing capabilities, making it the ultimate all-in-one messaging platform for professionals.

Finally…

Many people aren't aware of the mound of features Slack offers. By following the tips outlined above and creating and integrating your own virtual assistants into your channels, you'll be able to increase productivity, boost company morale, and generate revenue for your company.

For Slack’s 8M+ daily users, the chat system represents more than just a communications tool. It also functions as a digital water cooler for company gossip, a channel for the airing grievances and a mentorship platform for junior employees can interact directly with senior counterparts. And in some cases — a platform that employees share sensitive and important login details and passwords.

The intimate nature of Slack leads most users to the assumption that their communications are confidential. However, there are a number of security blind spots on Slack that leave companies in a vulnerable position. Review them below, then take the suggested actions at the end of this article in order to stay as safe as possible.

The security risks of Slack

To be clear, we’re not recommending giving up Slack — the productivity benefits associated with its use are substantial. However, if you’re going to use Slack for any business purpose, you need to maintain a clear understanding of the risks involved, as well as the degree to which they can be mitigated.

Risk #1: The onboarding of employee and guest users

Some of the risks that come along with using Slack have to do with weaknesses in its code, discussed later in this article, which businesses need to be aware of but may be unable to change. In other cases, however, Slack’s security risks come from user error.

That’s the case with the proper on-boarding and off-boarding of Slack user accounts for both internal employees and external guests. If either is left in the workspace after their affiliation with the company has ended, the users may retain access to confidential or sensitive information.

To prevent this from occurring:

  • Add the on-boarding and off-boarding of Slack accounts to your standard employee onboarding and termination procedures. Communication with HR is vital; IT (or whoever is responsible for creating and deleting Slack user accounts) must know exactly when to create and delete user accounts. This is especially important in the event of contentious terminations, when every minute the terminated employee remains in the system represents a liability.
  • If your organization grants the ability for admins to add external guests, your organization also needs to have a regularly-reviewed and enforced policy to remove guests after their engagement is complete.

Risk #2: The power granted to “Owner” and “Admin” roles

BetterCloud’s Christina Wang points out that Slack users with “Owner” and “Admin” roles have significant power within the system — often more than most administrators realize.

For example, Wang shares that “By default, only Slack Workspace Admins and Owners can create and manage user groups. But any admin can change those settings in a drop-down menu.” Effectively, any one of your organization’s admins can go in and make it possible for all of a workspace’s users to create, modify or disable user groups. Besides the obvious potential for abuse, doing so increases the odds of user error resulting in unintentional deletion of important groups.

Granting admin rights to a few users can be beneficial, as it prevents only one employee being responsible for creating, moderating and managing user groups. But at the same time, you have to balance the potential risks of data loss when doing so. Make sure you understand what rights Admin and Owner roles have, and that you’re comfortable assigning these privileges to employees chosen to be admins.

Risk #3: The threat posed by third-party app integrations

This one should come as no surprise: Be cautious when linking Slack to third-party apps, especially those that contain other types of sensitive information (such as your CRM, Google Drive, etc).

Consider that, in 2016, employees at 18F shared Google Drive documents through Slack, inadvertently exposing more than 100 governmental Google Drive accounts at the General Services Administration (GSA) for nearly six months. The breach occurred because the GSA had made the connection between the two apps using an authentication protocol known as “OAuth2.0,” which neither Slack nor the GSA’s IT standards had approved.

If connecting apps to your Slack instance is a “must”, confirm that the appropriate authentication protocols are being used. But as a general rule, avoiding third-party app integrations entirely is a safer approach.

Review any 3rd party integrations every quarter to make sure they are still needed and remove the integrations that are no longer needed.

Risk #4: Known and unknown system vulnerabilities

Slack’s popularity and the size of its active user base make it an appealing target for hackers looking to infiltrate organizations that use the communication tool. With breaches and cybercrime at all-time highs, no system is off-limits to hackers — especially not one in which so much valuable private information is shared.

Take a recently-discovered vulnerability, as reported by Wired’s Lily Hay Newman:

“Frans Rosén, a researcher at the web security company Detectify, submitted [the vulnerability] to Slack’s bug bounty program in mid-February. If exploited, the vulnerability would allow an attacker to log into a Slack account as if they were the legitimate user of the account. From there, the attacker would have full access to look at chat histories, shared files, and any other group chats/channels the user had access to.”

Rosen shares full documentation regarding the bug on the Detectify blog, but effectively, it arose from a flaw in the way Slack was configured to communicate with other domains. Slack has since repaired the vulnerability, but such quick fixes don’t exist in all cases.

As an example, security researcher Inti De Ceukelaire discovered faulty business logic on popular third-party online help desks that enabled him to spoof company email addresses and access team pages in Slack. Though Slack recommends specific steps that can be taken against this possibility, as reported by The Next Web contributor Matthew Hughes, iterations of the attack are still effective.

Don’t rule human error element out of Slack vulnerabilities either. In April 2016, Ars Technica reported that “A surprisingly large number of developers are posting their Slack login credentials to GitHub and other public websites.” Despite Slack declaring that access tokens should be treated with the same level of care as passwords, Ars Technica’s search revealed “more than 7,400 pages containing ‘xoxp’” (the prefix contained in tokens that in many cases allow automated scripts to access a Slack account).

Joining publicly-accessible Slack groups may also present a data leakage risk. In February 2018, the Origin Report’s Josh Fraser shared that the 1,118 members of its open Slack community had their personal information — including their email addresses, usernames, real names, profile pictures, last updated timestamps and timezone settings — exposed by a hacker who manipulated API keys.

Risk #5: Data access by Slack team members

Finally, be aware that very little is known about which Slack team members can access user data, and when they can do it. Though Slack claims to have technical, audit and policy controls in place to prevent inappropriate access, they also acknowledge that they did not intentionally build an app that would prevent employees from accessing information without authorization.

Electronic Frontiers Foundation Senior Staff Attorney Nate Cardozo isn’t happy with this response. In an interview with Gizmodo, he states, “Slack could have built this system in a way that no one within the company had access into user data,” referencing zero-knowledge encryption, an end-to-end encryption method. “What it comes down to is, trust us.’”

Understandably, Slack’s shortcomings on this issue have prompted fears of an unknown, as-of-yet reported “God mode,” similar to the one that got Uber in so much trouble. Though Slack denies this possibility, it’s best to remember that you’re better safe than sorry when disclosing important information online.

How to keep slack as secure as possible

Slack For Business Login

While you can’t guarantee security on someone else’s system, there are a few steps you can take to minimize the risk that the data your team shares on the platform will be accessed improperly.

#1. Never share passwords on Slack

Under no circumstances should employees ever share passwords on Slack. If they need to pass on access to different programs, password management solutions like Password Boss are a safer, more easily controlled choice.

#2. Turn on two-factor authentication

At a minimum, make two-factor authentication (2FA) mandatory for all users in a workspace. If your workspaces are also using SAML-based single-sign on (SSO), you can still use 2FA, but you’ll need to set it up with your identity provider, according to Slack’s instructions.

Download

#3. Apply your company’s email security policies to Slack

Your company should have a defined email security policy in place. If so, apply these same requirements to Slack usage (and, if not, put that on your to-do list right away). A few specific requirements your policy should encompass include:

  • Guidance around sharing login credentials with others
  • How confidential or sensitive information should be shared
  • Password strength and security standards

Slack For Business Download

#4. Make Slack security training a part of employee onboarding

Don’t rely on policies alone. Incorporate Slack security training into new employee onboarding programs, and run regular refresher courses periodically.

Teach employees they shouldn’t share anything on Slack that they wouldn’t put in an email. It may also be worth teaching them about specific risky behaviors that should be avoided on Slack (such as inadvertently creating public links to files when sharing assets).

Slack For Business App

Make Slack security screening a part of your ongoing security process as well. Follow news about Slack (setup Google alerts), paying particular attention to any bugs that are discovered or vulnerabilities that are identified. An ounce of prevention here may truly be worth a pound of cure.

Is Slack security on your radar? If so, what steps are you taking to keep your organization’s workspaces safe? Leave us a note below with your comments:

Free Slack Account

Leave a Reply