SpiderOak launches secure storage cloud for businesses
New SpiderOak Blue charges are based on capacity, not users
Computerworld - Cloud storage service provider SpiderOak is taking on Dropbox, Box and other more established services with what it calls the first truly secure data backup and collaboration cloud for businesses.
There are three service levels for SpiderOak Blue, the company's new cloud storage service, which span small-to-midsize and enterprise-class businesses.
SpiderOak has had a consumer cloud storage service -- SpiderOak Orange -- since 2006 that allows consumers to back up, share and sync their data. SpiderOak's claim to differentiation is its "zero-knowledge" privacy standard, which allows users to create their own passwords so that the SaaS provider couldn't read a customer's unencrypted data even if it wanted to.
However, SpiderOak CEO Ethan Oberman pointed out that if a SaaS provider allows users to reset passwords, then it basically negates the security. "Anyone who can allow you to reset a password can get access to that password," he said.
Its new SpiderOak Blue business-class cloud places the ability to manage and reset passwords in the hands of a user company's IT administrators.
SpiderOak Blue offers a virtual appliance that places all management control into an open-source virtual machine that runs on a user company's internal infrastructure. That enables full control of all data flowing in and out of an organization through SpiderOak.
The cloud storage service then creates a central repository for management and provisioning of company data, which saves IT departments the task of administering each user account individually, Oberman said.
Companies retain complete ownership and administration of all their data, knowing that SpiderOak employees can never view the data for any reason, Oberman added.
Richard Stiennon, chief research analyst with IT-Harvest, said SpiderOak is now the only cloud storage service built from the ground up with security in mind. In a recent blog on Forbes, Stiennon wrote that other cloud storage providers "are scrambling to build security features in after the fact."
One "even talks about how they have policies in place to prevent their own employees from looking at customer data. We all know how that works out. Policies are not security. Neither are passwords," he said. "Full encryption and keys in the hands of the customer are the only way to protect data in the cloud."
SpiderOak's three services are:
- SpiderOak Blue for SMBs, which allows businesses to view all data, including information inside a built-in data auditing interface. Companies can reset passwords and view in-depth reporting inside the web-based management console.
- SpiderOak Blue OpenLicense (OL), which is aimed at universities and school, includes all the features of SpiderOak Blue but places data ownership into the hands of end users. Company administrators handle general information -- including user statistics and the amount of data stored per account. However, SpiderOak Blue OL does not provide any method of changing or resetting user passwords -- end users remain responsible for their passwords.
- SpiderOak Blue Plus, which is designed for large enterprises and includes a virtual appliance that places all management control into an open-source virtual machine (VM) that runs on company infrastructure, enabling full control of all data flowing in and out of an organization through SpiderOak.
SpiderOak Blue Plus offers user account integration with Microsoft Active Directory, OpenLDAP, and RedHat Directory Server. Directory group membership provides SpiderOak account entitlement. It also offers integrated password management via either LDAP bind or RADIUS (e.g. RSA SecurID).
Users on company-defined LDAP groups are automatically visible inside SpiderOak's web-based management console.
Pricing for SpiderOak's Blue service starts at $400 per terabyte of capacity, regardless of how many users or systems access the data.
Lucas Mearian covers storage, disaster recovery and business continuity, financial services infrastructure and health care IT for Computerworld. Follow Lucas on Twitter at @lucasmearian or subscribe to Lucas's RSS feed . His e-mail address is firstname.lastname@example.org.
Read more about Cloud Storage in Computerworld's Cloud Storage Topic Center.
- IDC: Eliminate Shortcomings in Your Cloud Architecture with Smarter Storage This white paper demonstrates how IBM Smarter Storage provides customers with an ideal, proven platform for cloud computing. IBM has a differentiated storage...
- Leveraging Endpoint Backup for Legal Holds & E-Discovery Learn how enterprise endpoint backup can satisfy data collection and preservation requirements in a more streamlined and cost-effective manner than traditional e-discovery methods.
- Checklist for Enterprise-Readiness--Why CrashPlan Ranks #1 for Enterprise Endpoint Backup Read on for a list of Netskope's key criteria that led to CrashPlan's top placement.
- Review: Box beats Dropbox - and all the rest - for business Box trumps Dropbox, Engyte, Citrix ShareFile, EMC Syncplicity, and OwnCloud with rich mix of file sync, file sharing, user management, deep reporting and...
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Cloud Storage White Papers | Webcasts
Our new weekly Consumerization of IT newsletter covers a wide range of trends including BYOD, smartphones, tablets, MDM, cloud, social and what it all means for IT. Subscribe now and stay up to date!