Access and security

Only teams on the Unlimited plan will have access to these settings. If you have any other questions regarding access and security, please scroll down to the FAQ section at the bottom of this article.

How to edit your security settings

Only admins can edit security settings for a team.
  1. Make sure you're logged into an admin account for your Twist team.
  2. Click your team name in the top-left corner.
  3. Select Settings & members.
  4. Select Security in the left-hand menu.
  5. You now have three settings that you can choose to enable or disable:
    • Prevent members from inviting others: This prevents members from inviting users from outside your team.
    • Prevent members from inviting guests: This prevents your team members from inviting users who aren't part of your team directory to a channel as a guest.
    • Prevent members from installing third-party integrations: This prevents your team members from installing third party integrations for your team.
  6. Once you've made all necessary updates, click Update in the bottom-right corner.
The above settings will not be applied retroactively. This means that:
  • If you already have guests in your team, these guests will remain in your team, even if you disable the option for your team members to invite guests. If you would like to remove these guests, you can do so manually.
  • If a team member has sent out an invite link and you then disable the option for members to invite guests to your team, this invite link will still work.


Is Twist available as self-hosted or on-premise?

We don't offer Twist as self-hosted or on-premise because we want to give our users and admins the best possible experience. In general, improvements to the Twist experience would be slower and likely less secure. Here are some more details:

  • We want to keep your Twist up-to-date at all times. Unfortunately, it would become more complicated to push updates to you if you were using an on-premise solution.
  • Twist currently has excellent security and it would be complicated to ensure we extend that same level to an on-premise solution.
  • Mobile access and service integrations would become more complicated.
  • An on-premise solution would certainly be more expensive for you.

Which locations do you use for AWS?

United States.

Is it possible to store all data only on EU based locations?

Not at this time.

Which kind of encryption do you use?

We are using the server-side encryption capabilities provided by Amazon (AES-256).

Is the data end-to-end encrypted or are you able to decrypt the data on your servers?

It is not encrypted end-to-end. Please see our security page for more information about data decryption and our data policy.

Can team admins read team members' private data?

Team admins can not read any private data they can't access themselves (e.g. private channels or conversations). So if you're a team member and you have a private conversation, channel, or thread, it will only be visible to those who are explicitly invited and nobody else.