In the not too distant past, when on-premises software was the norm, data storage was simple. Your data lived with you. Today, cloud services make data residency more complicated. Global organisations are creating their own internal policies for where data can be stored, while governments and third-party regulators are enforcing data residency requirements.
Twelve million people collaborate in Slack each day, but because data is primarily stored in the United States, many teams abroad remain on the sidelines. To bridge this gap – and make Slack available to more teams in highly regulated sectors, such as financial services, the public sector and healthcare – we’re delivering data residency for Slack.
Data residency gives global teams more control over where their data is stored. Frankfurt, Germany, and Paris are the data regions currently available outside the US, with regions in Japan, the UK and Australia to follow.
Data residency FAQ: What you need to know
With data residency, what type of data does Slack store?
User-generated data from Slack – including messages, posts, files and searches – is stored at rest within a desired data region. All data in Slack, whether in transit or at rest, is encrypted.
Where does application-generated data reside?
Application-generated Slack messages and files are stored in the same data region as user-generated messages and files are stored. The location of data from the third-party apps your teams use with Slack is dependent on the application partner’s policies.
I’m an existing customer. Can I move my data to a new region?
Yes! Existing customers can move their organisation’s or teams’ data to new residency regions. Note, however, that the entire organisation or team must be rooted in a single region.
If I move my data to a new region, will anything else change?
No. Your teams will enjoy the same Slack experience and features they use today.
How Slack keeps your data secure
Data residency is the latest example of Slack’s continued investment in enterprise-grade security and compliance. Slack meets and exceeds some of the most broadly recognised security standards and offers tools to help customers address their compliance requirements.
Slack’s security programme certifies its service with ISO 27001, ISO 27017, ISO 27018, SOC 2 Type II, SOC 3, EU-US Privacy Shield, Swiss-US Privacy Shield and Cloud Security Alliance. Slack also helps customers meet specific industry regulations or international security and data privacy standards, including FINRA, HIPAA, FedRAMP and GDPR. Its security programme is committed to expanding coverage and incorporating new guidance and industry best practices.
The following information is intended for INFORMATIONAL PURPOSES ONLY and not as a binding commitment. Please do not rely on this information in making your purchasing decisions. The development, release and timing of any products, features or functionality remain at the sole discretion of Slack and are subject to change.