Slack launches Enterprise Key Management, a tool that gives admins control over encryption keys

With EKM, businesses gain control over the encryption keys used to encrypt the files and messages within their Slack workspace.
Written by Natalie Gagliordi, Contributor

Workplace collaboration platform Slack said on Monday that it's launching Enterprise Key Management (EKM) for its security-conscious customers on Enterprise Grid. As a refresher, Enterprise Grid provides centralized administrative controls and security integrations to make the Slack platform suitable for businesses operating in heavily-regulated industries such as finance and health. 

With EKM, businesses gain control over the encryption keys used to encrypt the files and messages within their Slack workspace. Today, all of the data in a Slack instance is encrypted in transit and at rest. EKM lets businesses encrypt that traffic with their own keys and add additional layer of control. In effect, Slack is providing enterprises with the security controls of an on-premise tool with the benefits of a cloud tool.

The service primarily targets large enterprises in regulated industries that have to keep up with shifting governance and compliance mandates, but Slack's chief security officer Geoff Belknap said EKM is available to any Enterprise Grid users that just want more visibility and more control when using Slack.

"From an assurance perspective, EKM gives businesses full control based on what their compliance requirements are in their vertical, or if they are just extra security conscious," Belknap said. "I expect there to be a subset of customers that are not in the traditional vertical that will excited to add this on to their Enterprise Grid."

Also see: Slack's enterprise-grade security tool lets you add encryption keys for more data control

In terms of implementation, Slack said EKM is relatively lightweight and can be set-up in a matter of hours. Enterprise Grid customers interested in the product need to apply directly to Slack to discuss rollout and pricing for their specific organization. Once enrolled and configured, organization owners and admins have the ability to view details specific to EKM, and the toolset is controlled via the security section of the Admin Dashboard. On the backend, EKM is managed in Amazon's AWS KMS.

Slack customers CrowdStrike and Take-Two have been using EKM in beta. Colin Black, COO of CrowdStrike, said the toolset has bolstered the company's internal security and how it controls access to data and relationships within the Slack ecosystem.

"With the introduction of Slack Enterprise Key Management as an added security feature, we immediately saw its value in giving us total control of our data and the assurance that we're protected in the event of a security threat in our supply chain," Black said.

Slack -- which says it now has 10 million daily active users and 85,000 paying customers -- said more than 150 enterprises including Target, Capital One, and IBM are using Enterprise Grid. Earlier this year Slack confidentially submitted a registration statement with the US Securities and Exchange Commission related to its much anticipated debut on the public market. 

Since April 2014 Slack has raised more than $1 billion in total funding. Its last round secured $427 million in venture financing and gave the company a post-money valuation of $7.1 billion.


Editorial standards