In my organization we r using spark for internal communication and we r using our organization server as spark server also. I need to know that how secure our conversation? Does spark stores each and every thing of our conversation at its server (in this case our organization server). Also if i keep the history on. Does it stores anywhere except my machine?
Your server is as secure as you make it. Do you have datastorage turned on the server? Does the Spark Client have chat history enabled? Are you using TLS/SSL exclusively as your connection means? Is your database secured? I think that just like any software package there is a valid point of asking how secure Wildfire is, however the tools to secure it as well as the server itself are given to you to tighten it as you see fit.
Example. My server is firewalled, will only allow TLS/SSL Communications at c2s and s2s levels. It runs on a Linux machine which has no other services running on it besides an SSL enabled web-client. I run my instance as a restricted user , etc. Some people might not tighten their boxes down as much. It all depends.
You can disable unencrypted connections and require that every client uses TLS or SSL so the network connection is secure.
Spark does store the p2p chat log files locally and not encrypted unless you don’'t disable it. So you may ask yourself how secure your client is or disable local log files.
MUC chat it not stored on client side so far.
Wildfire stores just the last 25 lines of a MUC in the database unless you enable logging of MUC.
You could also enable the audit log to trace all messages on server side in audit.log files if you want to do this and need it for further reference. So as Jeff did say you must wonder how secure your server is.