Kolab has been designed with security in mind from day one. This is reflected in the reliance on strongly secured network protocols and the ability to secure every individual functional component as required for its threat scenario.
Limiting Attack Surfaces and Exposure
With Kolab, even the compromise of a single functional unit does not automatically mean the compromise of the entire server and its data. The individual components only run with the credentials of any given user and can be individually secured and zoned in sealed-off networks, with control points defined for all interactions. There are never escalated privileges in user-accessible systems. So a realistic scenario would result at most in the capture of any one user's information, possibly only to discover that the user made use of state-of-the-art S/MIME or OpenPGP encryption capabilities.
Only the best and most secure individual components are typically chosen for each task. Their openness enables intense auditing, to which they have often been subjected for years. As a result, Kolab has an advantage over many other solutions even in the event of such a limited, graceful failure of security.
Perfect Forward Secrecy
All connections to Kolab can be further secured with Perfect Forward Secrecy (PFS) against attackers with physical access to networks, so that even the possession of the private encryption key does not enable attackers to decrypt previously recorded content.
Experts are here to help you
Kolab Enterprise ships security updates up to twice daily to mitigate all new threats as quickly as possible. All common tools for traffic analysis and Intrusion Detection & Prevention can be applied against a Kolab server, and Software Defined Networking for defence in depth is available on request.
Some of the world’s best security competency is available through the Kolab Systems company group, offering to deploy Kolab Enterprise on hardened systems meeting EAL4+ standards. This gives you the best possible security for your most valuable assets and peace of mind.
Security response is often best judged by previous track record. Sometimes only speed can help.
The Heartbleed Bug made front-page news around the world. From a European perspective, it was published during the night of Sunday, 7 April 2014 to Monday, 8 April 2014. Kolab Systems analysed the situation, provided updated packages that fixed the vulnerability, and informed all its customers with a strong recommendation to update immediately.
This process was completed on 8 April 2014 at 11:15 in the morning. Based on its own analysis, the Kolab Systems errata also recommended rotating all certificates on exposed servers. The same recommendation was issued by many more security experts in the days that followed. Systems under maintenance by Kolab Systems had completed all these steps before 12:00 on 8 April 2014. Our system administrators and customers enjoyed a peaceful lunch break.