Team chat is just the mean. Business teams use Slack as a repository of confidential data and files which can be shared easily, often without security considerations. As Slack owners and admins can enable users to perform many data sharing functions, misconfiguration of permission and security controls can lead to data breaches.
Though Slack offers multiple security controls to enable secure collaboration, these are only as good as people knowing how to turn on and enforce them. Many enterprise-controls are pay to use, i.e. activated only with a paid plan. For example, though your company may have a SAML Single Sign-on policy that requires users to log in only via a single dedicated identity provider, the business team using Slack will need a paid plan to enforce this which they may not want to do.
If you have given the green light for business teams to use Slack, use Detexian’s FREE Slack Security Risk Assessor to determine how it has been configured against best practice and start monitoring unauthorized changes TODAY.