Not only since the discussions about the GDPR last year, security and data protection have returned to the attention of both companies and users. Following the trend to move as much as possible to the cloud, there are now again conflicting approaches: The “unclouding”, that is the return from the cloud to on-premise solutions on the one hand or the operation of own systems in IaaS environments (Infrastructure as a Service) on the other.
In the following, I will briefly examine the advantages and disadvantages of these approaches and show how users can operate IT services securely and, most importantly, at their own command. Naturally, the services which users can integrate into their environment from the Univention App Center play an essential role for us.
The Advantages and Disadvantages of SaaS
SaaS (Software as a Service) means that an external service provider offers software along with the required IT infrastructure; the access usually happens via web browser. The advantages for customers are obvious: they save on acquisition and operating costs and do not have to employ qualified IT personnel, who are currently difficult to recruit anyway.
There are, however, also disadvantages to this model – first and foremost a dependency on the service provider and its price model. The data is stored on the servers of the SaaS provider, i.e. in the cloud. As a customer, you have to trust the service provider to handle the data responsibly and that the service remains available in the long term. Ultimately, none of this can really be controlled, and in which data center a service is running is also decided by the SaaS service provider. How do they say again? “There’s no cloud, there’s just other people’s computers.”
The Alternative: Hybrid Environments
Not everything is always just black or white, bad or good – often the solution is in the middle, as is the case with your own cloud strategy. A mixed environment consisting of on-premise infrastructure, private and public cloud combines the advantages of both worlds. The hybrid cloud allows compliance with data protection requirements while maintaining flexibility with publicly accessible cloud applications.
Univention Corporate Server (UCS) provides a centralized identity management and thus integrates cloud services as well as applications of an existing on-premise infrastructure. This makes the system the ideal starting point for a hybrid environment in which you decide which applications run on-premise and which run in the cloud. The management takes place centrally in the Univention Management Console (UMC).
Thus, with UCS you not only have full control over data and processes, but you can also migrate your data from one cloud service to another. This makes you independent of specific vendors. In the Univention App Center there are many apps and connectors available, which you install with a mouse click and then configure conveniently via the Management Console. In this blog article, we present services and applications from our App Center with which “unclouding” becomes successful.
Identity Management and Web Single Sign-on
Microsoft’s cloud-based identity and access management service is called Azure Active Directory (Azure AD). Google’s G Suite also has integrated user and role management. Azure AD and G Suite can be used as identity providers in many other SaaS solutions, with Microsoft focusing more on IdM and Google on applications. Another vendor in this area is Okta. The American company offers a pure IdM with additional services such as SSO (single sign-on).
In the case of Azure AD and G Suite, UCS can take over the identity management upstream. The Microsoft Office 365 Connector provides UCS-managed users with access to Microsoft Office 365 features or associated Microsoft Office Desktop Software licenses. The G Suite Connector provides convenient SSO access to Gmail, Google Docs, Google Drive and Google Calendar for UCS users. Major advantage of the solution with UCS: user identities with information such as real names, passwords and additional details remain with UCS as identity provider and only mandatory information is transferred to the services of Microsoft or Google.
Online Office: Collaborating on Documents
Online office applications are not only practical for teams working together on texts, charts or presentations from different locations. When you create and edit files in the cloud, you can access them from any computer with Internet access. But it does not necessarily have to be Google Docs or Microsoft Office 365 – with Collabora Online, ONLYOFFICE and OX Documents, three powerful alternatives are available in our App Center.
Collabora Online is an online office solution based on LibreOffice. The app supports all important file formats and allows collaborative working on documents including live notifications of other users. With our App Center you can install Collabora Online in your local UCS environment. Afterwards the users get access to the Office documents via web browser. To store files, Collabora Online requires a file-sharing application. In our App Center there are three well-known solutions available with ownCloud, Nextcloud or EGroupware to be integrated into a UCS environment or, in the case of Nextcloud and ownCloud, also as virtual appliances preconfigured with Collabora and immediately ready for use.
ONLYOFFICE Document Server is another web-based platform for editing texts, charts and presentations that is compatible with Microsoft and OpenDocument formats. To work together on documents, the app contains functions for commenting, chatting and a version history. ONLYOFFICE also requires a file repository such as Nextcloud and ownCloud, so that preconfigured appliances with Nextcloud and ownCloud are also available for this solution.
OX Documents is part of Open-Xchange and requires the communication and collaboration platform OX App Suite in the background. OX Documents is the extension that takes care of text editing and chart calculations (OX Text, OX Spreadsheet and OX Presentation).
Free ONLYOFFICE given tabbed interface and other extended version features
Free open source ONLYOFFICE Document Server has caught up with the advanced version, ONLYOFFICE Integration Edition, in functionality.
Filehosting on Your Own Server
Online data repositories have become an indispensable part of our everyday work. Products such as Dropbox, Microsoft OneDrive or Google Drive allow access via a web browser or with your own (desktop) app. In addition to mere storage, it is also possible to share data with other users, which is convenient and prevents large e-mail attachments. As popular open source representatives in the field of file hosting, we recommend the above-mentioned Nextcloud and ownCloud solutions for your own server.
Nextcloud allows access via a web browser or through a dedicated app (Android, iOS, Windows, macOS and Linux). The application supports two-factor authentication and SSO, it encrypts the data on the server and during transport. Numerous integrated apps extend the range of functions. Nextcloud is available as an app or virtual appliance in our App Center.
ownCloud also offers a platform for the secure exchange of files. Users access the data with mobile apps, desktop clients or via a web interface. ownCloud supports the connection of external storage devices (e.g. Dropbox, Amazon S3 etc.), encryption on the server as well as during transport and authentication with OAuth2.
Teamwork Thanks to Groupware
Many companies and organizations use groupware solutions for the central administration of e-mails, appointments, contacts and tasks. Basically, two major SaaS vendors are competing for the users’ favor: Microsoft Exchange (with Outlook as the client) and Google’s G Suite. Alternatives are available in the App Center, mostly as web applications, but also with their own desktop clients or in combination with the Mozilla Thunderbird mail software.
The OX App Suite is a modular platform that is based on open standards. Its core are applications for managing e-mails, contacts and appointments. In addition, extensions such as OX Documents (see previous section) and OX Guard (encryption of e-mails and files) are available in the App Center. Open-Xchange is operated in the web browser; alternatively, you can use the mail software, the calendar and the contact management of your operating system.
Kopano is another open source groupware solution that you can use not only from your browser (Kopano WebApp), but also from a desktop application (Windows, macOS and Linux). In addition, you can use Z-Push to synchronize your data with ActiveSync-compatible devices (smartphones, tablets or Microsoft Outlook).
EGroupware is also a web-based open source groupware solution that combines the classic functions e-mail, address book, calendar and task management with project management, Collabora Online Office and ticket system. The data is easily available mobile per synchronization on smartphone and tablet devices.
Chat and Messenger: Communicating Better
For most companies, a (team) messenger has become an integral part of their daily work. If you take a look around away from Slack, Microsoft Teams and Circuit, you will discover some really smart open source alternatives.
Mattermost is a free web-based instant messaging service that allows chatting with individual users or groups. Team conversations are organized in open or private channels. You can use Mattermost not only through your browser, but also through desktop apps (Windows, Linux and macOS) and mobile apps (Android, iOS).
Rocket.Chat is an open source chat platform for teams. In channels or private conversations you converse through the web browser or the desktop app. There are clients for Windows, Linux, macOS, iOS and Android. In addition, iOS and Android apps are available.
Customer Relation Management
SaaS providers for CRM systems include companies such as Freshsales, HubSpot, Salesforce, Zoho and others. Those who would rather manage customer data in a cloud, but preferably in their own one, should take a look at SuiteCRM in our App Center. It is available as a virtual appliance (VMware, VirtualBox and KVM). When it comes to functionality, SuiteCRM can stand its ground against its proprietary competitors. When integrated into UCS, users benefit from the connection to the identity management system.
Kanban Board
A number of cloud services for collaboration in projects in boards with lists and cards as well as Kanban boards are now enjoying great popularity. A widespread solution is Trello, which has become part of the Atlassian product family.
Wekan is a web-based Kanban board solution that also organizes collaboration in boards, lists and cards according to the concept and principle of Trello. It supports the import of Trello and Wekan boards from other installations. As with all of the above mentioned apps, the solution is already integrated into the UCS Identity Management, so that users can conveniently be activated by the administrator through the UCS Management System.
Out of the Cloud!
As you can see, the “unclouding” or at least the operation of a hybrid cloud solution with Univention Corporate Server is possible. For important application areas – whether in companies or educational institutions – alternative solutions from different vendors can be found in our App Center.
Do you feel that an application is missing? Why not use our form and simply suggest your desired candidate.
Use UCS Core Edition for Free!
Download now
Nico Gulden studied applied computer science and works for Univention since 2010. As technical editor he is responsible for maintenance and expansion of the product documentation. His spare time is dedicated to his family, reading, outdoor activities like cycling, photography, Geocaching and voluntary work with children and young people.
