With workplace collaboration tools like Slack, one of the most popular forms of workplace communications these days (over 10 million people use Slack every day), virtual conference rooms have become very popular. While Slack can be an excellent tool for casual office collaboration—think shooting your colleague a quick clarification question about a meeting—it actually should not be thought of as a secure tool for more intensive collaboration – e.g. the type that results in the creation of intellectual property. In fact, executives know this: in interviews with CNBC they expressed concern about the level of information their employees share on Slack, who can view it, and the potential for actual leaks.
They’re right to be concerned: Slack keeps any and all conversations your organization has on Slack servers – forever—putting that data at risk of being hacked, leaked, or viewed without your authorization.
The Heart of the Issue
At the heart of it, using Slack for office collaboration can put your intellectual property and other sensitive information at risk. Again, Slack stores everything you do (as this article in the NYTimes aptly explains). Your username as well as any messages you’ve sent are stored on Slack’s servers—which means Slack can access it, law enforcement can request it, and hackers could break in and steal it. Slack does offer encryption and Enterprise Key Management; however, this is only the first step in defense of business communications and should be expected out of the box as a basic service.
The way that Slack is built also makes it easy for those conversations to be leaked by anyone privy to the conversation. With Slack, it’s easy to save and share conversations that go way back—whether by forwarding, copying, or downloading them. This is an important consideration when you consider that a quarter of all corporate breaches are related to insiders—or current and former employees. A disgruntled employee or an employee turning in their notice can easily save conversations and leak sensitive information including valuable IP. The NYTimes found this out the hard way when a conversation leaked in which reporters criticized a colleague.
Security You Should Demand
When it comes to workplace collaboration tools that lead to the creation of intellectual property or other sensitive content security and confidentiality are key. Simply put, although Slack may be great for other conversations, confidential business is not why Slack was built.
For a business to have true security and confidentiality it needs full control over its communications — how they are used, how long messages are stored and where they can be stored. This also means that a sender of any communication should also have control over messages – even after they leave the sender’s device.
At Vaporstream, we believe that businesses should be able to collaborate online without having to worry about sensitive business information being leaked. Vaporstream supports businesses and their employees in maintaining ongoing conversations across smartphones, tablets, and laptops/desktops to share ideas, collaborate on projects, create schedules, make joint decisions and discuss other business activities. We don’t store any of our customers’ information on our servers – protecting information from any leaks, unauthorized viewing, or hacks.
Conversations can’t be shared; senders can delete messages everywhere and businesses can set expiration limits for messages based on their policies —so that sensitive information never remains on devices. And should you choose, we can store your conversations for up to 30 days. Regardless, we work with you to set up a secure repository to archive any conversations you might need for compliance purposes—a repository that only youhave control of and access to.
With Vaporstream, your intellectual property and sensitive business information remains under your control, not in the hands of your vendor, former employees or competitors.
To learn more about Vaporstream and how we provide workplace collaboration solutions with true security, download our NowSecure Case Study today.
Contributor: Kristi Perdue-Hinkle