Like many of you reading, at Haekka we’re constantly working in Slack. Recently, we’ve been thinking about ways to improve our internal security processes. As part of that initiative, we’re taking a closer look at all of our SaaS application configurations. Of course, Slack is a big one — it houses most of our internal knowledge, data, thoughts, and ideas. Ensuring that Slack and the apps that you use within it are configured properly is important to basic security hygiene.

We know that configuring your organization’s Slack Workspace can seem like a daunting task. However, Slack is extremely user-friendly and intuitive when it comes to setting up configurations and establishing permissions. Below are detailed instructions on Slack channel permissions, posting permissions, and Slack roles. Settings these properly can help you remain secure.

Basics of Slack App Permissions  

There are several hierarchies of permissions in Slack. Some features are only available to Owners/Admins, others to Members, and some to Guests. 

For Slack’s Enterprise Grid plan, System Roles give multiple users flexibility and access that helps the organization communicate seamlessly.

‍

• Channels Admin - this admin has full capabilities over channels to create/archive/rename/convert channels, set posting permissions, and more
• Roles Admin - a simpler type of access, these admins can add, remove, and edit user roles
• Users Admin - these admins have full control over adding/removing users from workspace, converting users to guest roles, deactivating/re-activating user accounts, converting to admin/owner roles

Understanding Slack Channel Permissions

Depending on the type of Slack plan a company has, every person has a different role, each with its own level of permissions and access. These different permissions are listed below. 

Most of the permissions below are available by default for the owner/admin and members of the Slack workspace.

• Send messages and upload files
• Join any public channel
• Delete your own messages
• Create a channel
• Create a private channel
• Convert a channel to private
• Manage channels
• Archive a channel
• Rename/delete a channel  
• Set private channel retention
• Set posting permissions
• Create a channel email addresses
• Create user groups
• Set reminders for channels or members
• Use/commands and shortcuts
• Install apps

View a detailed breakdown here along with administrative settings for certain features.

How to Add/Remove Slack Channel Permissions

Admins can use the following steps to expand and establish Slack permissions.

1. Click on the Workspace name in the top right corner. Select the dropdown menu and select “Settings & Administration → Workspace settings.”
2. Head to “Permissions;” then select “Expand” on the right of “Channel Management.”

3. Now, Admins will see a whole layout of options to allow other users specific Slack channel posting, inviting, adding, and deleting permissions. 

4. Hit “Save.”

How Members Can Utilize Their Individual Slack Permissions

For an organization’s basic member, they typically have restricted user and channel permissions. Members can invite outside organization users to private channels and direct messages, and they can create/delete/archive their own channels, and invite other Workspace members. They can also create channels that are shared with other Workspaces or organizations.

 To invite outside users to a Workspace…

1. Head to the organization’s name in the top right corner. On the dropdown, select “Invite people to Organization Name.”
2. Now, a user can type in the email address of the outside user to invite, and a Workspace Admin will approve or deny the request.

To create private/shared channels…

1. Head to the organization’s name in the top right corner. On the dropdown, select “Create A Channel.”
2. Create a channel name, description, and select “Create.” Users can also make a channel private, meaning only add users will have access. Users can also create external channels, sharing the communication outside the organization.  

Flexibility in Slack Channel Permissions

As the organization becomes more familiar with Slack accessibility, these Slack channel permissions can be changed and adjusted at any time. Owners/Adminis can upgrade to the Enterprise Grid plan at any time, or make the Plus Grid Plan work just as well.