MANAGED APPLICATION
Managed OpenCloud
Enterprise file sharing and real-time collaboration, fully managed on US sovereign infrastructure. Bring your own S3 or use ours.
Enterprise File Sharing Without the Complexity
OpenCloud is an open-source file sharing and collaboration platform built for organizations that need control over their data. It provides real-time document collaboration, team workspaces, granular access controls, and cross-platform synchronization — without sending your files to a third-party cloud.
With Open Edge Managed OpenCloud, we deploy, configure, monitor, update, and back up your OpenCloud instance on our US sovereign infrastructure. You get a production-ready collaboration platform without managing the servers, storage, or software underneath.
Currently running OpenCloud 5.0.2 — the latest stable release.
What You Get
A complete file sharing and collaboration platform — deployed, managed, and supported by our team.
File Sync & Sharing
- Cross-platform sync across desktop (Windows, macOS, Linux) and mobile (iOS, Android)
- No file size or count restrictions
- Resumable uploads via TUS protocol for large files
- Internal sharing with granular read, edit, and upload controls
- External sharing with password protection and expiration dates
- WebDAV integration for native file system mounting
Real-Time Collaboration
- Collabora Online web office for document, spreadsheet, and presentation editing
- Simultaneous multi-user editing with automatic locking
- Spaces — persistent team folders that survive member changes
- Delegated Space administration without global admin rights
- Full-text search with tags, filters, and live suggestions
- Integrated preview for documents, images, video, and audio
Security & Identity
- Zero Trust architecture — admins manage Spaces but cannot access content
- SSO via OpenID Connect, SAML 2.0, LDAP, or Active Directory
- Two-factor authentication (TOTP, FIDO2/U2F)
- Role-based access control with separation of duties
- Server-side encryption with customer key support (SSE-C)
- Comprehensive audit logging for all security-relevant actions
Flexible Storage
Use our S3-compatible object storage or connect your own. OpenCloud’s DecomposedS3 storage driver works with any S3-compatible backend.
Open Edge S3
Store your files on our S3-compatible object storage, deployed on the same US sovereign infrastructure as your OpenCloud instance. No egress fees, no data leaving US jurisdiction, and managed backups included.
- Included in your contract — no per-GB surprises
- US-only infrastructure (Iron Mountain VA-1)
- Managed snapshots and backups
- Encryption at rest
Bring Your Own S3
Already have an S3 provider you trust? Connect your existing storage to your managed OpenCloud instance. We configure and maintain the integration — you keep your existing storage relationship.
- AWS S3 — Connect existing buckets
- Backblaze B2 — S3-compatible API
- Wasabi — Hot storage with no egress fees
- Any S3-compatible provider — MinIO, Ceph, Cloudflare R2, and more
What “Managed” Means
You use the platform. We run everything underneath.
| Responsibility | Self-Hosted | Open Edge Managed |
|---|---|---|
| Deployment and configuration | You figure it out | We deploy and configure |
| OpenCloud version upgrades | You plan and execute | We handle zero-downtime updates |
| Storage backend setup | You configure and maintain | We configure and monitor |
| SSL certificates | You manage renewal | Automated and managed |
| Backups | You implement and verify | Automated with managed retention |
| Monitoring and alerting | You build and maintain | 24/7 Prometheus-based monitoring |
| Security patches | You track and apply | We apply proactively |
| SSO/LDAP integration | You configure | We configure and maintain |
| Scaling | You plan and provision | We scale with your needs |
| Incident response | You detect and respond | We detect and call you |
Built for Security
OpenCloud is not a PHP application bolted onto a web server. It is a modern, compiled microservices platform with security built into the architecture.
Platform Architecture
- Compiled Go binary — No interpreted scripts, no runtime code injection
- Signed containers — Cryptographic verification at deployment
- No traditional database — Metadata stored in the filesystem, eliminating SQL injection vectors
- Three-tier separation — Web frontend, application layer, and storage layer are strictly isolated
- Microservices architecture — Independent services with TLS communication
Data Protection
- Zero-Knowledge principle — Administrators manage infrastructure but cannot read user content
- Automatic versioning — Restore files to pre-attack state for ransomware protection
- Virus scanning — ICAP integration with real-time quarantine
- Metadata encryption — File names and tags encrypted alongside content
- TLS everywhere — All connections encrypted between every layer
- FIPS 140-3 validated — All encryption powered by FIPS 140-3 validated cryptographic modules from OS to container
Who It Is For
Organizations that need file sharing and collaboration without surrendering data to a third-party SaaS provider.
Replace Consumer Cloud Storage
Move off Dropbox, Google Drive, or OneDrive to a platform you control. Same sync-and-share experience, full data sovereignty, no per-user SaaS fees.
Regulated Industries
Defense contractors, financial services, healthcare, and government-adjacent organizations that need file collaboration with US data residency and audit trail requirements.
Secure External Sharing
Share files with clients, partners, and contractors using password-protected links with expiration dates — without granting access to your internal systems.
Moving from ownCloud?
If you are evaluating alternatives to ownCloud, you are not alone. A series of changes to the ownCloud project have prompted organizations worldwide to look for a new path forward.
What Changed at ownCloud
- Acquired by Kiteworks (2023) — ownCloud was acquired by Kiteworks, a proprietary US-based vendor. Existing customers are being migrated to the Kiteworks platform, and no commitments exist beyond a five-year open-source pledge expiring in 2028.
- Critical security vulnerabilities — In November 2023, three critical CVEs were disclosed simultaneously: a CVSS 10.0 information disclosure that leaked admin passwords (CVE-2023-49103), a CVSS 9.8 authentication bypass allowing unauthenticated file access (CVE-2023-49105), and a CVSS 8.7 OAuth redirect bypass (CVE-2023-49104). CISA added the first to its Known Exploited Vulnerabilities list within days.
- Stuck on PHP 7.4 — ownCloud Server 10.x still requires PHP 7.4, which reached end of life in November 2022. No PHP 8 support has been added despite years of community requests.
- Core developers left — Approximately 15 developers from the ownCloud Infinite Scale team departed in January 2025 to found OpenCloud, citing a lack of long-term commitment to open-source development under the new ownership.
Why OpenCloud
OpenCloud was built by the same engineers who created ownCloud Infinite Scale. It is a clean fork under free licenses (AGPLv3 and Apache 2.0) with no proprietary EULA on official builds, no vendor lock-in, and active development backed by the Heinlein Group in Germany.
- Modern architecture — Compiled Go binary with no PHP dependency, no traditional database, and no SQL injection surface
- Genuine open source — No dual licensing, no proprietary binary restrictions, no five-year sunset clauses
- Active development — The original oCIS engineering team continues rapid development with frequent releases
- Data sovereignty — European-founded project with no US CLOUD Act exposure at the software layer
ownCloud Classic vs. OpenCloud
| ownCloud Server 10.x | OpenCloud 5.x | |
|---|---|---|
| Language | PHP 7.4 (EOL since Nov 2022) | Compiled Go |
| Database | MySQL / PostgreSQL / Oracle required | No traditional database — filesystem metadata |
| Architecture | Monolithic PHP application | Microservices with TLS between services |
| Injection surface | PHP + SQL (multiple critical CVEs) | No interpreted code, no SQL injection vectors |
| Storage backend | Local filesystem or S3 | DecomposedS3 — native S3 with any compatible provider |
| License | AGPLv3 (open-core), proprietary EULA on oCIS binaries | AGPLv3 + Apache 2.0, no proprietary restrictions |
| Ownership | Kiteworks (US, proprietary) | Heinlein Group (Germany, open source) |
| Long-term commitment | Five-year open-source pledge, expires ~2028 | Free software — no sunset clause |
We Handle the Migration
Moving from ownCloud to OpenCloud does not have to be your team’s problem. With Open Edge Managed OpenCloud, we handle the deployment, data migration, storage backend configuration, SSO integration, and ongoing operations — so your users get a seamless transition to a faster, more secure platform without disruption.
Ready to Replace Your File Sharing SaaS?
Tell us about your team size, storage needs, and integration requirements. We will provision a fully managed OpenCloud instance on US sovereign infrastructure.