In order to be able to guarantee the seamless integration of apps in the identity management system provided by UCS even more proficiently, we have now implemented a single sign-on for UCS function in Version 4.1. of Univention Corporate Server. Single sign-on allows a user who has authenticated himself once on an identity provider to use a wide variety of other services without the need to sign on to each of these additional services individually.
How can companies make access to their networks and applications securer and more user-friendly at the same time? What’s behind the terms SAML, multiple-factor authentication and single sign-on in this context? Cornelius Kölbel, Managing Director of our partner NetKnights, took the time to explain these technologies to us and illustrate how you can use the multiple-factor authentication solution privacyIDEA and SAML to set up a secure network on UCS plus saving employees time when signing in.
According to a survey conducted by analyst firm Statista GmbH, 44 percent of German companies have moved their business to the cloud. During the last couple of years, many cloud providers have developed different applications and the upward trend will remain steady. Our development-team from Sweden designed the business software Fortnox already in 2001, so we can confirm that the trend of moving businesses to the cloud is an upward trend. Especially, the future development is crucial because the requirements for cloud providers are growing continuously. Plenty of new suppliers are entering the cloud market every day, so the competition is increasingly high. Providers of cloud solutions have to stand out with new and innovative products otherwise they will leave the cloud market as fast as they entered it.
Univention integrated Dovecot as new default IMAP/POP3 mail server in UCS. This article gives a first overview about this integration.
Why Dovecot as default IMAP/POP3 server in UCS?
Dovecot has a focus on security, stability and performance, while complying with established standards. Similarly to Postfix Dovecot starts a couple of separate processes for different tasks. The processes can be run with different owner and group permissions to limit the impact of a security incident.
Dovecot supports several backend storage formats: mbox, Maildir and dbox. In each case it uses indices to increase access performance. Their self healing and self optimizing features reduce tedious administrative intervention and simplify backups.
Identity management (IdM) in essence refers to the management or administration of individual identities within a system, such as a company or network.
Within the corporate world, ID management refers more specifically to providing IT managers with a centralised administrative system (Identity Management System – IdMS) where company users and permission restrictions to applications such as ERP, CRM, e-mail client etc etc can be grouped together and managed collectively. The principle objective behind IdM is to improve security and protection for sensitive company data and systems, whilst simultaneously improving productivity as well as reducing costs, downtime and repetitive time consuming tasks. 
Example Set Up
What makes Identity Management Systems such as Univention Corporate Server (UCS) so useful is that they can be integrated into a whole host of systems including for example corporate phone systems like pascom’s mobydick VoIP Communications Solution as illustrated by the following video.
The latest update for the Zarafa app in the Univention App Center – to version 7.1.12 – is significant not just for Zarafa itself but also for UCS integration: the update brings you up to version 2 of the Zarafa Web app and allows the app to be installed on a UCS member server. One significant improvement is a dedicated module in the UCS management system for managing Zarafa contacts and Zarafa shared stores.
Even today, the general consensus still stubbornly persists that Open Source software is developed by ponytailed computer geeks as a hobby in the middle of the night. It’s admittedly a very romantic notion, but one which only reflects the reality to a certain extent.
The Linux Foundation recently published a very interesting document on who actually contributes to the Linux kernel. Since 2005, some 11,800 individual developers from around 1,200 different companies have contributed to the Linux kernel. The fact that recently at least 88.2% of the improvements came from people who are also paid for this work – a growing trend – is proof that more and more IT professionals are also working on Linux.
The threat level is increasing! In 2014 alone, approximately 131,000 new types of malware were discovered daily – an increase of 250% when compared to the year before. This trend is continuing unabated: 9 million samples have already been discovered in the first quarter of 2015. It is not just the quantities that are rising at a staggering rate. The methods and types of malware are becoming increasingly sophisticated and harder to detect.
For example, the current trend is moving away from malware that is distributed in the form of email attachments (e.g. trojans) towards the distribution of links to websites that are infected with malware. This makes it more difficult to detect the source, since it is no longer directly connected to the user’s email. The malware is downloaded when a link is clicked. A hacker may infiltrate a trustworthy site with the goal of planting malware on it. To the user, it is difficult to recognize a link to a trusted site as a threat. Further, the developer of the malware can put another version online at any time as soon as the previous version is detected by antivirus software.
Earlier this year, we from Zarafa, have informed our ecosystem about the direction of Zarafa’s future product development. It was one, very long newsletter where we showed how we see the world of communication & sharing. Most people only remembered one thing, though: Zarafa stops Outlook.
Something had to be done to optimize the whole process and reduce the communication efforts. But what measures would be suitable and would they really help? For this reason, I contacted some of the app developers directly, some with App Center experience and those who have just made their first app available. Where did they have difficulties during the whole app creation process and what would help them? At this point, I’d like to thank the app developers for their open feedback.