Monitoring business communication tools like Slack for data infiltration risks

Introduction

If you’re sending instant messages at work, chances are you’re using Slack, the business-oriented analog of WhatsApp or Discord. Slack currently boasts over 12 million users worldwide, and as more businesses turn to remote or hybrid work environments, that number is only expected to grow. But Slack’s popularity raises a very important question: exactly how secure is Slack? 

After all, most businesses have a trove of sensitive information that they would rather not see splashed across the dark web. But in the age of major hacks, your secrets are only as secure as your messaging platform. And, according to some cybersecurity experts, Slack has a few major vulnerabilities that every business should be aware of.

Is Slack secure?

It’s a fair question to ask, since Slack is one of the most widely used instant messaging systems for business. It’s also a question that yields some surprising answers. 

Although Slack’s overall security has improved in the last couple of years, there are still some nagging issues yet to be resolved. Let’s take a look at some of Slack’s vulnerabilities.

Third-party apps

Third-party apps are the Achilles’ heel of the cybersecurity world. If a vulnerability arises in just one of the over 900 apps and bots that Slack users have to choose from, the issue can easily travel upstream to Slack. And since users at all levels have the power to install apps at will, this can be a difficult problem to manage. 

User vulnerabilities

Among Slack users, there are some common misconceptions about the platform’s privacy. Since the platform is invite-only, many users mistakenly think that everything they share via Slack will be private. 

Unfortunately, it’s not that simple. Since Slack members have the power to invite new members, edit user groups and invite guests into (Read more...)

*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Christine McKenzie. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/0beDrl89SUY/