Don't Save Data Forever, By Default
By default, Slack will retain all messages and files for the lifetime of your workspace. And it can add up: The enterprise account allows up to 1TB of storage per user.
"This opens the door to this data being stolen or subject to subpoena," says CynergisTek's Barlow. "The smart approach is to pay serious attention to retention. Even a default retention limit of 30 days can significantly reduce an organization's risk "
One caveat: Be incredibly careful to retain data and observe other litigation hold protocols when customizing data retention policies.
"If there are regulatory requirements for storage, only apply it to those conversations that require it," Barlow says. "Or more likely -- move that collaboration out of a tool like Slack."
"Companies should implement protocols for preserving and retaining data the moment the legal obligation arises," adds Brian McPherson, labor and employment attorney and shareholder at Gunster law firm. "These protocols should also include a method for informing those necessary employees about the specific data that must be preserved."