Notes about security.

Beyond making sure each component is secure and updated, we need to make sure integrations are secure. For some groups there might also be further interest in SIP TLS and SRTP/zRTP for securing VoIP communications (FreeSwitch, Jitsi, Qutecom, Blink, SFL Phone support this). Likewise, LDAPS will definitely be needed when VPNs or NAT aren't possible between servers. Perhaps a challenge will be to manage keys and certificates for the organisation; ClearOS does provide such management interface for example.

User training

Physical security

Data loss

Passwords

Encryption

Brute-force attacks

SMS

https://securityinabox.org/en/textsecure_main

Of just use CyanogenMod:
http://www.cyanogenmod.org/blog/whisperpush-secure-messaging-integration

Security of the components

ClearOS

Kolab

Thunderbird

Jitsi

Tiki