Teams | Collaboration | Customer Service | Project Management

Federation lets different organizations communicate directly, server to server, without routing data through a vendor's cloud. For customers in defense, government, and critical infrastructure, it is what makes cross-organization collaboration possible without leaving the sovereign or restricted environments they have already accredited.

Intelligent Search finds messages by meaning across your entire workspace, with filters that work in air-gapped environments, indexing that scales with message volume, and admin controls that keep results precise and trustworthy. Rocket.Chat now fully conforms to WCAG 2.1 Level AA across web, iOS, and Android, independently verified by two external auditors and satisfying Section 508, the European Accessibility Act, BITV 2.0, and EN 301 549.

‍For organisations operating under GDPR, NIS2, or national security frameworks, the self-hosted vs SaaS communication platforms differences come down to one question: who controls the infrastructure your sensitive data lives on?

Your security posture holds regardless of context. Voice calling is now on the Rocket.Chat mobile app, keeping operators on approved, auditable infrastructure wherever the mission takes them. Native ABAC now extends to support Virtru as an external Policy Decision Point, making channel membership a continuous reflection of live identity, not a static configuration.

If you run secure messaging at scale, you already know the problem: the information was shared, the thread exists, and nobody can find it when it counts. In high-stakes environments, scattered knowledge is a mission risk. In Rocket.Chat v8.0, we built Intelligent Search to close that gap. We stress-tested it against 1.2 million real, messy, conversational messages, the kind that actually move through operational environments, and published every result including the uncomfortable ones.

Your teams are operating in environments where leaving the approved platform is not an option. v8.3 makes sure they never have to. Federation is now production-ready, built and tested for cross-agency operations at scale. Screen sharing is now native to voice calls, keeping every conversation inside the secure perimeter. This is what mission-critical build standards look like in practice. When you build a secure environment, you account for every risk you can see.

‍For EU government organizations and critical infrastructure operators, end-to-end encryption is no longer an architectural choice — it is a regulatory obligation. NIS2, which came into force across EU member states in October 2024, explicitly requires essential and important entities to implement encryption as part of their cybersecurity risk management measures. GDPR Article 32 has required encryption of personal data since 2018.

Welcome to Rocket.Chat Labs: our way of showing what is cooking in the R&D kitchen. No polished demos on curated datasets. No slide decks dressed up as evidence. Just real engineering, real data, and the honest story of what we found. The first in a series where we open up our R&D process: what we built, how we tested it, and what we actually found.

‍Shadow IT in government is not a fringe risk — it is a systemic one. A NinjaOne survey of 400 public sector managers across the US, Europe, and Oceania found that 49% of public sector employees rely on unauthorized software to complete their work, with 52% actively bypassing security policies. Gartner estimates that shadow IT accounts for 30 to 40 percent of IT spending in large enterprises, with Everest Group putting the figure at 50 percent or more.

‍ ‍ Secure messaging for European governments is no longer a niche IT concern. It is a core requirement for operational continuity, legal compliance, and national security. The question for senior decision-makers is not whether to act, but which architecture can meet the full stack of regulatory and threat requirements simultaneously.