Open source collaboration software has similar security risks to any other open source software. The main question...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
is who is responsible for maintaining, upgrading and deploying it?
Open source collaboration software has its own set of security risks, too. Some people might say security means getting several developers to scrutinize the code base -- but this hasn't always worked well.
In 2014, a serious vulnerability, known as Heartbleed, affected OpenSSL, one of the most popular open source projects that practically runs modern security over the Internet. Heartbleed was undetected in the code base for several years.
Many developers had access to the code, but none found it. Reliance on the masses doesn't always work for open source software security, which leads to the next issue when security threats are found: How do you plug these holes and maintain the code base?
If you install and operate open source collaboration software in your company, you need to keep it up to date, especially amid various security patches. The challenge is having an owner of the software -- someone who is held responsible and gives support when things go wrong.
Normally, you will use a collaboration software as a service (SaaS) vendor that develops its own open source collaboration software or maintains one. In this case, security will be the vendor's responsibility.
When you choose open source collaboration software for your organization, consider the following:
- Make sure the software comes from a company you can trust;
- Evaluate the size of the ecosystem around it;
- Follow the open source software's security advisory notifications; and
- If you opt for a SaaS vendor, see how the vendor views security and the privacy of its customers.
Do you have a question for Tsahi Levent-Levi or any of our experts? Ask your enterprise-specific questions today! (All questions are treated anonymously.)
New employee habits reshaping enterprise collaboration
Security is a top concern for collaboration in the enterprise
Getting your organization ready for open source software
Dig Deeper on Unified Communications Security
Related Q&A from Tsahi Levent-Levi
While organizations are not heavily involved in managing APIs, they should note three important roles that emerge when deploying communication APIs ...continue reading
WebRTC can offer businesses contextual information when communicating inside and outside their organizations. Learn how WebRTC communication provides...continue reading
When deploying embedded communications, some enterprises might consider CPaaS or WebRTC support. But one expert explains why CPaaS and WebRTC should ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.