Did you watch the Olympics?
If you did, you probably saw this commercial:
Why does it matter that Salesforce bought Slack and ran a heavy ad load during the biggest sporting event in the world?
Answer: it means that Salesforce is serious about Slack. This high-profile go-to-market campaign is the first of many.
Salesforce wants Slack to be the platform of choice for collaboration. In the words of Salesforce CEO Marc Benioff:
We're going to rebuild all of our technology, once again, to become Slack-first to help our customers have a harness to work in this new world — where you're working at home; you're working in the office; you're working at events; you're working anywhere.
If Slack really is where the future works, that future - messages, channels, file shares, and everything in between - needs to be secured. With more than 12 million Daily Active Users and 150,000 organizations on board, Slack is becoming a prime target for malicious actors (we all remember the EA hack).
Clearedin is here to help. That starts with five recommendations for your organization to use Slack phish-free:
- Be extra careful about sharing Personally Identifiable Information (PII). PII should only be shared with known and trusted individuals. If you share PII on Slack, follow through with a plan to delete it.
- If you get a Slack invite via email, make sure it's not a phish. The same old email tricks apply - spoofed Slack domain, realistic content, and long-term social engineering. You'd be surprised at how easy it is to click through (if you're a security person, you're not surprised).
- When you work with external collaborators, make sure their Slack workspaces are authentic. Anyone can set up a Slack workspace or organization with any name - whether or not they represent that organization. Verify authenticity by using a second trusted channel or a secret.
- Have visibility and controls around file sharing. This includes external file links shared on Slack and files uploaded directly to Slack. Create a process for trusted human approvals and roll it out.
- Use a security platform that plugs directly into Slack. And Microsoft Teams. And email. And wherever collaboration goes next.
Do #1-#4 and you'll be in great shape.
Do #5 and you'll be in the best shape you can be.