Slack today unveiled new security capabilities for Enterprise Grid customers, including tighter controls for admins who oversee mobile device access.
Enterprise Grid was launched in 2017 for Slack’s biggest customers, with additional features to support large-scale deployments. Among the 150 organizations now using Enterprise Grid are Capital One, IBM and Target.
Slack has continued to build out security and compliance features for the software since its introduction, including the addition of enterprise key management last September.
The first set of updates announced today focuses on access via mobile devices.
Enterprise Grid admins can now require additional authentication processes on top of single sign-on, including Face ID, Touch ID and “generated passcodes.” Admins can also set a time period after which users must re-authenticate.
New session management tools now let admins remotely wipe mobile or desktop sessions associated with a specific user when a device is lost or stolen. Additional session management controls, coming in the “near future,” will be added to the admin dashboard and allow IT to set the maximum number of devices an employee can be logged into at one time.
Other planned mobile security management features are the ability to detect when a devices has been jailbroken and then block access to it, as well as ability to require app upgrades on users’ devices. Slack did not ay when those features would roll out.
The company also introduced new features to manage data access and data-sharing.
Domain whitelisting tools will let admins determine which workspaces can be accessed within a corporate network by particular employees, preventing them from signing into unapproved workspaces. “This not only helps safeguard sensitive information from being shared to non-managed workspaces, but also helps your teams focus on their most important work,” the company said in a blog post.
Slack will also allow admins to block file downloads from desktop computers outside of non-approved IP addresses, while a mobile browser control feature lets them require that all links shared in Slack open in specific browsers managed within a mobile application management (MAM) container.
“These features provide additional flexibility for securing the Slack mobile apps, especially in situations where a Slack enterprise customer cannot manage the mobile devices accessing their subscription, such as a partner device or a BYOD device,” said Larry Cannell, a research director at Gartner. “They also enable more Slack-centric application policies, such as whitelisted workspaces.
“In addition, these features are only available via Slack Enterprise Grid, reinforcing the positioning of Grid as their preferred enterprise solution,” he said.
Last month Slack – which recently completed its stock market listing – announced that it would reset passwords for thousands of customers following a 2015 security breach.