[jph]

TLDR we chose Mattermost over Slack because of security. https://www.mattermost.com

We recently evaluated many chat systems for a large tech consulting project that includes security needs.

Slack was the frontrunner because of ubiquity, ease of use, plentiful third-party integrations, openness to free areas, and helpful in-person meetings with the Slack staff.

We picked Slack for our informal connections with external developers for non-confidential discussions.

For our own teams' use, I really like Ryver. The security is better (IMHO), the team-oriented features are stronger, and the billing is much clearer. The Ryver team is fully open to discussions about how to grow the platform and improve the security.

Ultimately the security team chose self-hosted Mattermost. We liked the combination of intranet deployability, plus a ramp toward security compliance capabilities that we do need for a few projects.

[sgehly]

Perhaps this is a bit immature of me, but I despise Ryver for their ads that they put on Twitter a few months (a year?) back where it was completely trying to discredit Slack while having a sub-par UIX itself. Maybe I'll give it another look in the near future.

EDIT: Security-wise, I would think Slack, as a bigger company, would have better security, but that's all assumption. Do you have anything to back up the idea that Ryver is more secure? If so Ill definitely give it another look.

[jph]

I agree with you about the UI/UX. For security, it depends on your threat model.

My threat model emphasizes ease of security by normal users. For example, is it easy for my teammates to see when they're in a public area or private area? Can my teammates manage access controls the ways that they want? IMHO Ryver is better at this than Slack.

My sec team's threat model emphasizes the underlying platform getting hacked. IMHO Ryver and Slack are both SaaS, so both in the same boat on this: the info is outside the firewall, which incurs legal issues, compliance issues, revocation issues, etc. I believe that SaaS providers can be excellent at security, yet the SaaS target is much bigger, and the alerting is murkier, and revocation is not thorough. This is why we chose Mattermost for secure chat.