Following on the success of various events in 2019, we plan to continue the momentum into 2020 with a number of exciting events. Besides our own OX Summit in Europe, we’ll be participating in various IT and open source industry events and venues.
Here is an overview of some highlights in 2020:
Mobile World Congress
Barcelona, February 24-27
At MWC in February we planned to demonstrate, to telcos and mobile operators, how they can stay relevant in today’s crowded market with value-added services, based on Open-Xchange's mail and DNS solutions. We were particularly excited to introduce the latest beta release of OX COI Messenger and collect feedback. Unfortunately, the Coronavirus put a damper on this plan, and we have had to pull out in order to minimize the risk to the safety and wellbeing of all the OX folks who were scheduled to attend.
If you are a developer interested in checking out OX COI Messenger you can find more information here:
CloudFest
Rust, March 14-19
Welcome to our booth at CloudFest 2020. CloudFest embraces and celebrates the cloud industry, showcasing everything new and exciting in technology and internet innovation. Join us in a place where like-minded thinkers and visionaries collaborate to move beyond the hype and push the cloud industry forward.
OX Summit 2020
Europe, October
Over the last decade Open-Xchange has become a trusted partner to more than one hundred of the world’s leading service providers and telecommunications companies.
Our annual customer and partner gathering at OX Summit is your opportunity to join experts from telco, mobile, hosting and cable carriers to discuss the product developments, business intelligence and technology standards that are shaping innovation in our markets today.
More information to be announced soon.
Besides these key events, we will also be attending more than 15 other events across the world in 2020.
To stay up to date on where we plan to be and maybe set up a meeting with us you can find the latest event schedule here on our events page.
By Martin Heiland, Information Security Officer at Open-Xchange
Open source software (OSS) presents both a risk and an opportunity when it comes to information security. It is very different from handling proprietary, closed-source software and services, where consumers have no choice but to unconditionally trust the vendor to do the right thing. Relying on vendor assurances alone has often proven unreliable.
With OSS, however, the vast ecosystem of contributors, methods and software components allows for rapid development and quick time to market, as well as a valuable feedback channel. OSS doesn’t actually improve security by publishing code alone, but by building a community that helps enforce transparency and continuous improvement.
It can also be hard to predict the operational risks of some OSS components. Maintenance for more niche components may come to an end, for example, or maintainers go rogue. This is why it’s essential to monitor sources closely and evaluate their maturity. You can also use automated tools to check for known security issues on external components and update them when necessary. Agile methodologies make it much easier to do this efficiently and build security awareness into the daily routine of an organisation.
Components aren’t the only OSS security consideration. Many organisations use third-party sources to set up their service infrastructure, for example, pulling Dockerfiles from a public repository. This introduces the same risk at a different level, as malicious code could get injected right to the core of the development or service operations lifecycle.
Deploying locked-down, unmonitored and outdated IoT devices across an organisation is another disaster waiting to happen. Even if the software running there is usually OSS, the user is fully dependent on the vendor to take care about patching vulnerabilities – and, we now know that security is not part of most suppliers’ business models.
Open-Xchange encourages users to provide direct feedback on security issues within OX products, including external components that are being used. We aim to maintain a very low barrier of entry to do so and compensate security researchers through our ‘bug bounty programme’, as well as professional penetration tests. And, of course, being part of the OSS community works both ways – at the same time Open-Xchange looks out for vulnerabilities in external components and reports them to the affected projects.
