Disaffected, privacy-aware enterprises rushing to secure cloud storage: SpiderOak

Growing business awareness of data security requirements has driven 'zero-knowledge' data storage provider SpiderOak to target enterprise customers with an unlimited-storage plan and encrypted services that secure other types of communications, the company's CEO has said.

Noting that many businesses were moving to prevent employees from using notoriously insecure and unmanaged services like Dropbox, SpiderOak CEO Ethan Oberman told CSO Australia that the ability for companies to encrypt their data at-rest was becoming an increasingly important market differentiator.

"Privacy is a necessary feature to allow companies to embrace the cloud in a much more significant way," Oberman explained.

"They might be about to disclose a deal, and will not let their users use DropBox, period. Companies are realising they need to figure out ways to control the data and to retain privacy intact, regardless of whether that data is inside or outside the firewall."

SpiderOak's 'Zero Knowledge' encryption technology is designed and managed in such a way that its cloud service stores blocks of encrypted data with no knowledge of what they contain.

The company says even it is unable to decrypt the data – a design factor that Oberman says has become increasingly appealing for customers in the wake of Edward Snowden's revelations that the US National Security Agency is actively seeking to monitor all manner of Internet activity.

"IT departments know they have to do something" about privacy because "people are using external products regardless of what they say," Oberman explained.

"They're turning to SpiderOak as an authorised solution because they don't have to worry about privacy or security; it's already built into the product. All of our metrics have doubled, and in the current release we have seen a dramatic increase in interest from law firms, medical institutions, and large corporations who are really starting to reach out."

"If numbers continue the way they have been, we're going to grow by four times this year. It's exciting to see."

The increased demand is being driven by enterprise customers looking for large-scale encrypted data services – which, paired with the increasingly low cost of storage, had allowed the company to bring an encrypted enterprise cloud-storage offering with no data limits that could be offered at a flat rate per user.

"A lot of companies use companies like Amazon Web Services S3 as their back end provider, but we don't do that," he said. "We've been able to really control those costs and get them down to a very low cost per gigabyte."

As demand for more-secure online file sharing increases, SpiderOak is working to continue extending its zero-knowledge approach to other types of applications. Its Crypton open-source project offers its core file-management capabilities to other organisations, and will form the basis of SpiderOak's upcoming zero-knowledge open-source, cloud-based password manager and chatting applications.

Oberman sees the success of Crypton as a reinforcement of the growing importance of secure cloud-based capabilities: "we now have companies coming to us to leverage the platform and build zero-knowledge applications," he said, noting that the increased capabilities of mobile devices was making them more active participants in the process of encrypting and decrypting the content.

"The NSA scandal has pushed this issue forward and I think it's only going to continue to grow," he said. "We're seeing a whole bunch of new applications that focus on the idea of privacy, but we all do it a little differently right now."

"As end devices get smarter and smarter, it becomes a lot easier for us to do our jobs because the machines can do more of the compute. And when the server isn't doing any compute on that data, it's much easier to scale because all you're doing is scaling horizontally. This makes it easy for us to continue to grow."

Tags security

1 Comment

Jessica1Lipp19

1

"SpiderOak's 'Zero Knowledge' encryption technology is designed and managed in such a way that its cloud service stores blocks of encrypted data with no knowledge of what they contain." I do like its zero knowledge encryption technology. But i also have a couple of questions, SpiderOak doesn't know what data it stores, how will spideroak prevent people from abusing its service? What if SpiderOak receives a subpoena from any law enforcement? Btw, though Dropbox and Google Drive don't support client side encryption, you can do it yourself using EncFS: http://ninjatips.com/encrypt-dropbox-using-encfs/

Comments are now closed

CSO Corporate Partners
  • f5
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

Endpoint Security

Safeguard your corporate and roaming employee endpoints and mobile devices.

Latest Jobs
Security Awareness Tip
Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.