Key Points:

• While boosting productivity, Slack can accumulate sensitive data, increasing security risks for organisations. Setting message retention periods in Slack is crucial for minimising stored sensitive data, reducing the attack surface, and aiding compliance with regulations like GDPR and HIPAA.
• Slack offers different retention period settings depending on your subscription plan (Free, Pro, Business+, Enterprise Grid), ranging from keeping all messages to deleting them after a set time.
• Organisations must balance security needs with employee productivity when setting retention periods, ensuring teams can still access necessary information.
• Data security tools like Metomic offer more granular retention policies, allowing for the deletion of only sensitive data within messages, preserving valuable context and improving efficiency. Want to see how Metomic can help you manage Slack data retention effectively? Book a demo today.

Slack is a popular communication tool for organisations around the world, with an estimated 65 million users logging in to share messages with colleagues on a regular basis.

While the productivity benefits are undeniable, organisations run the risk of sensitive data building up in the SaaS app as teams try to get work done quickly.

Setting a retention period on messages is crucial to minimise the amount of sensitive data stored in SaaS apps, therefore reducing the attack surface for malicious actors who want to access valuable data. There are a few ways of doing this in Slack, depending on your plan. A data security tool like Metomic can help you do this on a much granular level.

Why are retention periods so important in Slack?

With teams sending messages on Slack every day, there are risks associated with retaining all of the data exchanged between colleagues. For instance, if your organisation is complying with industry regulations such as GDPR, and HIPAA, you’ll need to ensure you are not retaining Personally Identifiable Information (PII) or Protected Health Information (PHI) for longer than necessary.

Unless Slack admins within an organisation change the settings, Slack stores messages for a lifetime which could include sensitive customer or employee information which might be shared between colleagues, or by third party tools that are integrated with Slack.

When setting retention periods, organisations should be careful to balance employee satisfaction and efficiency with security. Employees should still be able to carry out their roles, and retrieve information in order to ensure productivity is kept high.

How to set retention periods in free version of Slack

If you’re using the free version of Slack and you’re a workspace owner, you will have the option to keep all messages, without tracking message edits or deletions, OR Slack will delete messages after 90 days.

To set your retention period, follow these steps:

1. Open Slack on your desktop and click your workspace name in the top left of your sidebar
2. Click on ‘Tools & settings’ and then ‘Workspace settings’
3. Expand ‘Message history’
4. From here, you can choose your new retention settings
5. Hit ‘Save’ and tick the box to confirm
6. Click ‘Apply new setting’

How to set retention periods in Pro & Business+ subscriptions

Slack Pro & Business+ subscribers will have more options when it comes to retention periods.

They will be able to keep all messages and track message edits and deletions, keep all messages without tracking revisions, or delete messages after a set period of time.

You will need to:

1. Open Slack on desktop and click your workspace name in the top left of your sidebar
2. Click on ‘Tools & settings’ and then ‘Workspace settings’
3. Expand ‘Message history’
4. From here, you can choose your new retention settings
5. Hit ‘Save’ and tick the box to confirm
6. Click ‘Apply new setting'

🎥Watch: How to set retention periods in Slack Pro & Business

How to set retention periods in Enterprise Grid subscriptions

As above, you will need to:

1. Open Slack on desktop and click your workspace name in the top left of your sidebar
2. Click on ‘Tools & settings’ and then ‘Workspace settings’
3. Expand ‘Message history’
4. From here, you can choose your new retention settings
5. Hit ‘Save’ and tick the box to confirm
6. Click ‘Apply new setting’

The benefits of setting retention periods with Metomic

Rather than deleting the entire message, Metomic allows you to set automated retention periods that only delete the sensitive data contained inside. This means that your messages that do not contain sensitive information can remain intact, allowing your team to remain efficient and productive.

You can set retention policies spanning hours, days, weeks or years, to ensure your team can still do their jobs with the sensitive data they need while giving your security team the reassurance that sensitive information will be redacted in time.

🔒Protect Sensitive Data in Slack: Get a Metomic Demo Today

When you integrate your Slack environment with Metomic, you’ll have access to out of the box classifiers that detect sensitive data such as credit card numbers, bank account numbers, email addresses, and more.

You’ll also have the option to create your own custom classifiers to protect sensitive data that matters to your organisation.

To find out more about how Metomic can secure your Slack application, book a demo with one of our security experts today.

‍