Matthew Lewis
Matthew Lewis
Press/Analyst Relations Manager
Why is OSS better than proprietary

Half of All Email Systems will be Replaced in Two Years

By | November 19, 2014
Today, Zimbra announced the results of the Ponemon Institute’s “The Open Source Collaboration Study: Viewpoints on Security and Privacy in the U.S. and EMEA” report. Sponsored by Zimbra, the study surveyed 1,398 IT and IT security practitioners to learn about their companies’ involvement in the use of open source messaging and collaboration solutions, and their views on security and privacy. According to the survey, the majority of information security and technology professionals aren’t happy with their current collaboration software, the majority of which are proprietary solutions from Microsoft and Google. And over 50 percent of US and EMEA survey respondents are planning to replace their solution within two years. When selecting a new solution, the U.… Read more »

Confidence in Estimates of Messaging

What Does TCO Really Mean?

By | November 13, 2014
As with other types of software, when IT (or any software selection team) is in the process of procuring a messaging and collaboration solution, cost enters the discussion early. But, not understanding the nuances of total cost of ownership (TCO) can add up over time, both in CapEx and OpEx. In fact, a recent whitepaper from Osterman Research found that the majority of decision makers weren’t confident in the estimates on messaging costs. The figure below provides the breakdown. Confidence in Estimates of Messaging Costs Source: Osterman Research. “The TCO of Enterprise Email” User Cost The most common expression of cost, in the software world, is the per-user license or subscription fee; however, these only account for a single aspect of software TCO and are sensitive to volume.… Read more »

One Brand, One Organization: Keys to M&A Success

By | November 12, 2014
A recent interview with Zimbra CEO, Patrick Brandt, and After Nines Content Czar, Joe Panettieri, focused on successful tech M&A strategy. To no surprise, the conversation continually came back to the role of corporate culture. In fact, Patrick made the point that it can often be one of the single most important factors in determining the success of a merger or acquisition. While it is obvious that technology alignment is crucial, the human factor is sometimes overlooked. The quicker you merge the disparate organizations into one, the easier it is for other parts of integration to move forward, i.e. sales and development.… Read more »

Zimbra Collaboration Updates (8.0.9 & 8.5.1)

By | November 6, 2014
Yesterday, Zimbra released updates to Zimbra Collaboration, both the 8.0.x and 8.5.x trees. Security These updates address the OpenSSL security advisory dated October 15 and provide a partial fix for POODLE (due to the need for both client and server changes). Zimbra Collaboration 8.0.… Read more »

POODLE and SSLv3

By | October 16, 2014
This week has brought about the latest security vulnerability. Google’s Thai Duong, Krzysztof Kotowicz, and Bodo Möller made the vulnerability — POODLE (Padding Oracle On Downgraded Legacy Encryption) — public on Tuesday, October 14, 2014. POODLE is a padding oracle attack affecting Secure Sockets Layer (SSL) version 3 and in particular, CBC-mode ciphers. This vulnerability opens the door for possible man-in-the-middle attacks. Adam Langley of Google provides some additional insight into POODLE: “This should be an academic curiosity because SSLv3 was deprecated very nearly 15 years ago. However, the Internet is vast and full of bugs. The vastness means that a non-trivial number of SSLv3 servers still exist and workarounds for the bugs mean that an attacker can convince a browser to use SSLv3 even when both the browser and server support a more recent version.… Read more »

The Shellshock Flaw

By | September 30, 2014
***Security Alert*** [Update 2 | September 30, 2014, 9:10am CST] Apple has released at update. [Update 1 | September 26, 2014, 11:40am CST] Red Hat has released a full patch. [Original Post | September 25, 2014, 1:45pm CST] Zimbra is aware and has been closely monitoring the developments of the Shellshock vulnerability. At this time, Zimbra has found no impact on our products, nor do we anticipate any. We recommend that our customers evaluate their systems for this vulnerability and to take immediate action to remediate as patches become available This flaw affects the Bash shell of Unix-based systems and does not necessarily affect the applications running on top of those operating systems.… Read more »