Mattermost Platform

Announcing new security and control features for remote collaboration

Millions around the world have had to switch nearly overnight to working remotely. But adopting remote work isn’t easy for every team. Deploying a messaging platform can be difficult for enterprises with high security, compliance, and control requirements.

Whether you’re communicating about confidential internal topics, connecting to mission-critical systems, or need to adhere to existing IT policies, for some organizations SaaS services may not be an option, and that’s why Mattermost gives your team the ability to self-host your messaging system. But not only do you have to get everyone onto a secure platform, you also need tools that give admins and IT teams control over people, allowing them to manage channels, permissions, and more, and data, to ensure the security and privacy of your data.

That’s why Mattermost is announcing new features in its Enterprise Edition that help remote teams collaborate while giving IT teams the granular control over both people and data. The new feature set includes user access and control features like simple SAML configuration, role-mapping from LDAP and SAML, and Guest accounts. It also includes additional security and data control features like ID-only push notifications and channel-moderation settings, adding extra security and data privacy on top of Mattermost’s secure, self-hosted architecture.

Granular control over user access and permissions

Teams are under pressure to adapt quickly to new conditions, so admins need to be able to rapidly roll out systems to help teams collaborate. At the same time, organizations need to adhere to existing IT and security policies, which necessitates granular control over user access and permissions. Mattermost allows organizations to seamlessly onboard, and granularly control usage and access in order to maintain centralized control over people within their collaboration platform.

Mattermost’s Enterprise Edition is built with these needs in mind, and these new features give admins even more power over user onboarding, access, and permissions. Onboarding users and controlling who has access to which teams or channels has never been easier thanks to:

  • Simple SAML configuration, enabling you to configure SAML faster by copying a single metadata URL from your SAML provider and pasting it into the SAML setup screen in Mattermost. 
  • Role-mapping from LDAP, allowing you to sync AD/LDAP Groups to specific Teams and Channels and the roles within them (e.g., standard members, team administrator, and channel administrator), making it easier and faster for LDAP admins to onboard users and allowing admins to keep users from accessing teams or channels they shouldn’t have access through using LDAP Groups. 
  • Manage System Admins using LDAP or SAML, which enables you to manage Mattermost system admin rights and all user privileges from one place using an LDAP filter or SAML attribute.
  • MSI Installer, a beta feature that allows the Mattermost desktop app to be installed in the program files directory that is accessible to any user who shares a Windows machine instead of a specific account.
  • Guest accounts, special user accounts that can only access the specific channels they’ve been invited to join. Guests are not able to find and join public channels. They also can’t launch direct messages or group chats with users who are not in the channels they have access to.

Maximize security and data privacy

On top of needing centralized control over people and permissions, organizations often have sensitive data that requires them to limit remote connections that might expose internal data to public networks. Some need to ensure that staff are able to connect to systems remotely over VPN, and others have strict requirements for data sovereignty and transfer. For these organizations, Mattermost’s self-hosted deployment allows them to meet these security and privacy requirements, but we are further augmenting security and privacy through new Enterprise Edition features:

  • Read-only channels, new channel-specific permissions that allow admins to create read-only channels that can be used for announcements or notifications.
  • Other channel moderation settings, additional channel moderation settings that restrict who can post or @-mention large groups in certain channels, and lock down members in a channel by only allowing the channel admin to add or remove members.
  • ID-only push notifications, a new mobile push notification option where message contents can be fetched directly from the server once a push notification is delivered to a device. Apple Push Notification Service and Firebase Cloud Messaging can’t read push notifications since only a unique message ID is sent in each notification payload. This ensures that message data doesn’t pass through public push notification services.

Mattermost is focused on delivering a high trust collaboration platform that remote teams can rely on, and we hope these new Enterprise Edition features will give admins and IT teams even more granular control over people and data.

You can try these features today by activating a free 30-day trial of Enterprise Edition.


Lauren Nguyen is the former Director of Product Marketing at Mattermost, Inc. Prior to Mattermost, Lauren ran product marketing at companies like Hustle, Pantheon, and Sauce Labs and is passionate about understanding and advocating for users. Lauren is an alumnus of Stanford University.