Slack at NC State
This page is in place for units that have a business need that cannot be met by other centrally supported chat and collaboration platforms.
Slack Versions per data classification levels:
- Unclassified (White) or NO University Data – Standard Preferred
- Green – Standard Required
- Yellow – Plus Required
- Red or Purple – NOT approved for use on Slack at this time
Controls required by all chat services at all data classification levels:
- Data Discovery/export
- Data Encryption (transit/rest)
- Authorization
- Accessibility Compliance
- Ability to scrub sensitive/dangerous data
- Backups / Disaster Recovery
- Records Retention Compliance
- Audit Logging
- ClickWrap approval for Apps/Bots
Extended Controls by Slack Version
Control | Description | Free | Standard | Plus | Enterprise |
---|---|---|---|---|---|
Central Authentication | Use of University Credentials including 2FA. | No |
Yes |
Yes |
Yes |
Shibboleth | Ability to use SAML authentication. | No |
No |
Yes |
Yes |
Google SSO | Ability to use Google OAuth authentication. | No |
Yes |
Not Preferred |
Not Preferred |
Authorization | Ability to control who can get authenticate. | Invite only with no central authN |
All Google Domain Users Are Allowed |
Yes via SAML Attributes |
Yes via SAML Attributes |
Data Discovery / Data Export | Ability to export data for legal, policy, or HR reasons. | Export is only Public Channels |
Export is only Public Channels |
Yes but no API support |
Yes |
Third Party DLP and eDiscovery tools | No |
No |
No |
Yes |
|
Records Retention | Ability to meet requirement of NC Records Retention Schedule. | No - last 10,000 messages |
Yes |
Yes |
Yes |
HIPAA-compliant | No |
No |
No |
Not Permitted by NCSU |
|
Centralized Logging | Ability to have logs from Slack go into Splunk via Audit API. | No |
No |
No |
Yes |
If you require assistance in selecting the best option for your needs, contact the NC State Help Desk or your school or department technical support representative.