A Secure, Compartmentalized File Sync Tool
The SpiderOak Sync tool offers easy and fast file sharing and sync with guarantees of integrity, authority, and confidentiality through our use of private blockchain technology. While the mobile file sync and collaboration are similar to other public cloud solutions, SpiderOak offers a fundamentally different approach to software. Responsibility for authority, identity, integrity and confidentiality are removed from networks & servers, simplifying your threat model and giving you greater control over your organization’s security.
Most file sync and collaboration tools have significant drawbacks in either security or ease of use. SpiderOak Sync is a rare combination of best in class security with intuitive, user-friendly design. Sync is available for both on-premises deployment as well as SpiderOak hosted cloud installations to meet your needs in budget, security, and data placement.
Organizational Control of Authority, Identity, Integrity and Confidentiality.
Data messaging and storage is handled through client-based end-to-end encryption for confidentiality with the use of blockchain for managing identity, integrity, and authority. Accounts are identified by private key material held only by the user, and data is encrypted against device-specific keys held within device TPMs, HSMs, and SEs where available.
Data flows are segmented first by teams within a platform instance, and then further by channels within teams. Each segmentation is cryptographically enforced, so that users within each grouping are unable to view data in another segmentation. Administrative authority within a team does not imply any capabilities within channels, including capabilities to read or write. Only entities that have been “invited” to participate within a channel can do so, and the record of team and channel authority and membership is recorded and managed via blockchain. This use of blockchain provides an irrefutable record of which entities are allowed to administer or participate within a channel, without requiring any central point of authority to dictate these rights.
In addition, Sync supports optional features such as secure deletion, retention polices, LDAP integration, and escrow for message data and objects when it is needed for regulatory compliance.