Disaffected, privacy-aware enterprises rushing to secure cloud storage: SpiderOak

Growing business awareness of data security requirements has driven 'zero-knowledge' data storage provider SpiderOak to target enterprise customers with an unlimited-storage plan and encrypted services that secure other types of communications, the company's CEO has said.

Noting that many businesses were moving to prevent employees from using notoriously insecure and unmanaged services like Dropbox, SpiderOak CEO Ethan Oberman told CSO Australia that the ability for companies to encrypt their data at-rest was becoming an increasingly important market differentiator.

"Privacy is a necessary feature to allow companies to embrace the cloud in a much more significant way," Oberman explained.

"They might be about to disclose a deal, and will not let their users use DropBox, period. Companies are realising they need to figure out ways to control the data and to retain privacy intact, regardless of whether that data is inside or outside the firewall."

SpiderOak's 'Zero Knowledge' encryption technology is designed and managed in such a way that its cloud service stores blocks of encrypted data with no knowledge of what they contain.

The company says even it is unable to decrypt the data – a design factor that Oberman says has become increasingly appealing for customers in the wake of Edward Snowden's revelations that the US National Security Agency is actively seeking to monitor all manner of Internet activity.

"IT departments know they have to do something" about privacy because "people are using external products regardless of what they say," Oberman explained.

"They're turning to SpiderOak as an authorised solution because they don't have to worry about privacy or security; it's already built into the product. All of our metrics have doubled, and in the current release we have seen a dramatic increase in interest from law firms, medical institutions, and large corporations who are really starting to reach out."

"If numbers continue the way they have been, we're going to grow by four times this year. It's exciting to see."

The increased demand is being driven by enterprise customers looking for large-scale encrypted data services – which, paired with the increasingly low cost of storage, had allowed the company to bring an encrypted enterprise cloud-storage offering with no data limits that could be offered at a flat rate per user.

"A lot of companies use companies like Amazon Web Services S3 as their back end provider, but we don't do that," he said. "We've been able to really control those costs and get them down to a very low cost per gigabyte."

As demand for more-secure online file sharing increases, SpiderOak is working to continue extending its zero-knowledge approach to other types of applications. Its Crypton open-source project offers its core file-management capabilities to other organisations, and will form the basis of SpiderOak's upcoming zero-knowledge open-source, cloud-based password manager and chatting applications.

Oberman sees the success of Crypton as a reinforcement of the growing importance of secure cloud-based capabilities: "we now have companies coming to us to leverage the platform and build zero-knowledge applications," he said, noting that the increased capabilities of mobile devices was making them more active participants in the process of encrypting and decrypting the content.

"The NSA scandal has pushed this issue forward and I think it's only going to continue to grow," he said. "We're seeing a whole bunch of new applications that focus on the idea of privacy, but we all do it a little differently right now."

"As end devices get smarter and smarter, it becomes a lot easier for us to do our jobs because the machines can do more of the compute. And when the server isn't doing any compute on that data, it's much easier to scale because all you're doing is scaling horizontally. This makes it easy for us to continue to grow."

Join the CSO newsletter!

Error: Please check your email address.

Tags security

More about Amazon Web ServicesAmazon Web ServicesCSODropboxNational Security AgencyNSA

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by David Braue

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts