Nextcloud versus Microsoft 365
The most deployed alternative to Office365
Capabilities
To make it easy to come to an informed decision, below we provide a high-level overview of the relative strengths and weaknesses of both products.
 |
 |
|
|---|---|---|
| Pricing at 1000 users (basic to extensive option) | $19000 – $75000 | $48000 – $325,000/year |
| On-Premises/self-hosted | ||
| Easy migration Vendor lock-in means you can’t easily migrate to another solution |
||
| Open Source Access to source code means you can audit the code and adjust functionality |
||
| Access through API Enables third party apps to interact with service |
||
| Extensible through apps | Over 200 apps available |
Only interaction through limited API |
Storage and sync features |
||
| Maximum storage | Unlimited | Depends on plan |
| Max file size | Unlimited | 10 GB |
| Number of files | Unlimited | 20000 |
Infrastructure integration |
||
| LDAP/AD | any number and type of user directories | max 1 AD connection |
| SAML/Shibboleth | ||
| Other auth solutions | Kerberos, OpenID, OAuth2, CAS direct connection to Samba or MySQL and more |
None |
| File storage solutions | WND/Sharepoint/NFS/Object Storage/FTP and many more |
WND/SharePoint |
Privacy, control and security |
||
| Full Audit trail | Unlimited | Limited to 90 days for some data |
| Protection of metadata | ||
| GDPR compliance | 100% certified | Risky due to Cloud Act |
| Encryption | Always on own infrastructure | Server-side in MS data center |
Communication and collaboration |
||
| One-on-one and group audio/video chat | ||
| Data and metadata remain on-premises | ||
| Access to calls and files for third parties (guests) without account | ||
| E2E encrypted one-on-one calls | ||
Other features |
||
| Social network features | ||
| Online Office | ||
| Groupware | mail server not included |
|
| Task/project management | Kanban, task list. No GANT chart view currently |
|
| Workspaces (a collaborative space associated with each folder for context, todo lists, notes etc) |
||
| Mobile Device Management (Block devices, remote wipe, notification to devices) | ||
| Strictly enforce data and meta data locality | ||
| Limited Guest accounts | ||
| Secure Mailbox (Outlook add-in sending email body & attachments only through secure server) |
||
| Protect shares with password, expiration date | ||
| Video Verification (enforce video call with recipient to verify identity before granting access to share) |
||
| Ransomware Recovery (automated recovery of data after ransomware attack based on file analysis) |
Only time-based, after detection of ransomware based on file names. Risks overwriting useful changes and missing ransomware without predictable names. |
|
| No vendor lock-in Make it easy to migrate to another solution by using open standards |
||
