Depending on the point of view it can also be a strength. Actually many of our customers like that we're in Slack because their people are already there:
- no login required to request an access
- they don't need to "learn a new application"
So for end users that's great. There is still a web app for admins with more details.
But I can see where you're coming from. We plan to offer an alternative to Slack to be independent if the customers want that.
From a legal point of view that might be true, but I believe people are not aware that this is a problem. They just register, check the "Agree terms of service" box and do whatever they want to do. I saw that often, especially with Marketing.
Which makes it even worse because you cannot detect that then :/
Shouldn't people just be able to try out new things? How can a company be innovative otherwise?
And at a specific point (e.g. putting customer data into it), they need to start a proper vendor assessment process.
Yes, that's what I heard too.
I mean they still have SCIM which allows you create/remove user accounts via API. Although that's still security relevant, giving at least SSO out for free would help already. Still, I would prefer something that does not relate to security.
What do you mean with Docker? I saw on their page that they offer SSO on the highest tier, so they do not look solely on ARR then?!