Unfortunately, cloud data breaches still happen frequently, so why haven't more vendors in the business cloud storage space focused more on solving this problem? SpiderOak Groups (which begins at $90 per month for 10 users) is one such service that is dedicated to security.
Their "zero-knowledge" policy dictates that not even the company will be able to access your data because of your encrypted log-in credentials.
This is an attractive feature for not only security analysts but for everyone.
However, while going all-in on security is a good example, the rest of SpiderOak Group's offering still comes in behind Dropbox Business, our Editors' Choice in business cloud storage, which did well on security but better on integration and collaboration.
However, zero-knowledge also causes some wrinkles when SpiderOak Groups is used as a general-purpose business cloud backup solution.
This reason has kept it behind Arcserve UDP Cloud Direct, our Editors' Choice winner in that category, which didn't do as well on security but excelled in backup functionality, disaster recovery (DR), and ease of use.
To help with security, SpiderOak Groups maintains its own hardware and data centers with redundant power, generators, battery backup, cooling, and multiple Tier-1 uplinks.
This way, there's never a question about where your data is being stored and who has access to it.
This is a strategy in direct contrast with providers such as Jungle Disk, which actually store your files in third-party data centers from vendors such as Amazon Web Services (AWS) and Rackspace.
User Interface and Performance
At its core, SpiderOak Groups is a backup program that's broken down into three sub-components: Backup, Sync, and Share.
Backup is purely a backup solution and works to move data into the cloud.
Sync is more like what a user would expect from a file-sharing application such as Dropbox Business.
By default, SpiderOak Groups designates "the Hive" as the primary folder to which files are automatically synced between devices.
Other sync folders can be designated as well from the Sync tab of the desktop app.
There aren't a lot of frills in the app and that is the intent.
The mission is to secure your data and keep it private.
The desktop app does this with ease.
"Share Rooms" are the only available sharing option for SpiderOak Groups.
There are no passwords here aside from the room key embedded in the shareable URL, so having access to that link is a license to read the shared file.
It's worth mentioning that the URL is unique and accessible by HTTPS only, so the file does need to be deliberately shared to gain access.
It would be nice to have something in the middle where an optional password can be assigned in case a link goes astray.
SpiderOak Groups extends beyond SpiderOakONE (its single-user, consumer-oriented offering) to include group and user management.
For administrators, other users' data may be accessed and retrieved in the instance when a team member is unavailable.
A "purge hold" may also be initiated to ensure any removed data is retained for a specific period.
This can be used effectively as a legal hold option.
Much like similar solutions, SpiderOak Group's sync client detects changes as they occur and queues them for backup on schedule.
This is configurable and occurs in the background with some tight controls available to those that like to tweak.
An alternate local backup location can be specified as well.
For instances where full recovery could take a while, this can serve as a secondary precaution without breaking the encryption that the software offers.
Platforms
The major desktop platforms SpiderOak Groups supports include Apple OS X, Linux, and Microsoft Windows.
Each one adheres to the zero-knowledge policy touted in SpiderOak Group's marketing.
All information is encrypted on the source system before being uploaded to SpiderOak's data centers.
Once there, there are several options beyond the desktop client for accessing your data.
The web interface offers a straightforward user interface (UI) for managing sync folders and share rooms.
Files that are shared in The Hive are also accessible to be downloaded from here.
It's worth noting that any information accessed from the web interface creates a temporary scenario in which SpiderOak's servers can read your data.
It is best to keep that in mind when retrieving information from here.
The mobile app is easy to use but is only for accessing files already synced to the Hive, which could be an awkward limitation in some scenarios and places SpiderOak Groups slightly behind offerings with more advanced mobile clients, such as Box (for Business).
Accessing a file is as simple as tapping the folder and file you want to access.
There is no ability to upload files, which limits its usefulness but it is there in a pinch.
The same limitations on security apply here as well.
Integration and Security
As of this writing, SpiderOak Groups has no user-accessible integrations available and, according to the company, they're not on the horizon.
Integrations rely on application programming interfaces (APIs) which increase the surface area for attack, and SpiderOak Groups has not yet developed a good solution to offer these while maintaining its lead in the security area.
Upgrading to the enterprise option does allow Lightweight Directory Access Protocol (LDAP) synchronization as well as an on-premises identity management option, but this isn't available in SpiderOak Groups.
This limits SpiderOak Groups from participating in the larger ecosystem of solutions available today, but security and privacy often come with a price.
Even SpiderOak Group's laser focus on security isn't without some caveats, though.
The desktop app is where the zero-knowledge policy is enforced.
The moment you deviate from the desktop apps, however, the lines start to get a little fuzzy.
The mobile app states that accessing data through it no longer guarantees you're the only one who can look at your data.
So, mobile means there's little beyond having the password to reading your data.
Surprisingly, for a company focused on data security, we found two-factor authentication (2FA) still in beta at the time of this writing and not yet available to all users.
SpiderOak Groups does meet the major check boxes for compliance, however.
The company says the Health Insurance Portability and Accountability Act (HIPAA), Service Organizational Control (SOC), and ISO 27001 are all met and exceeded in many cases.
Still, while you can't complain much about security when using SpiderOak Groups, other items that a small to midsize business (SMB) might like to see are often missing.
Remote Wipe, for instance, or any strand of mobile device management (MDM) for that matter, is nowhere to be seen.
There is also no ability to add Digital Rights Management (DRM) without a third-party tool.
There are some tight controls surrounding abilities to delete backed-up data, however, and data-retention policies can be set on a per-user basis, which is nice.
Backup Options
SpiderOak Groups has two basic modes for backing up data.
The first is a scheduled backup where a user can select one or more groupings of folders to back up to the cloud.
By default, the schedule is automatic and is set based on how frequently data is changed.
Effectively, this results in a continuous, incremental backup strategy.
Optionally, this can be changed to be anything from five minutes to 48 hours.
The second mode for backing up data is by using sync folders, which sync as files are changed.
Which mode you choose is mostly a matter of preference but the sync folders tend to be more accessible.
Files are where SpiderOak Groups stops, however.
Unlike other competing products, there are no options for backing up specific business apps such as mail or database servers.
While this could be achieved by archiving these systems first and including the backup folders in SpiderOak Group's backup plan, this adds extra steps to the backup and recovery process.
Also, there is no option for a full-system recovery.
Additional tools would need to be used to image the workstation or server.
When it comes time to recover data to a new system, there are quite a few options at an admin's disposal.
While the easiest option is to simply download the client to the new system and sign in as the user, it is also possible to retrieve another user's data by using the management console.
This is especially handy in the instance where someone may leave the company and another employee needs to inherit a data set.
The feature works cleanly while maintaining a significant degree of security throughout the process.
Overall, SpiderOak Groups is not a replacement for other popular file-sharing and collaboration tools such as Box and Dropbox, but that is not its focus.
SpiderOak Groups adds some basic team-sharing options and combines them with data backup, although it doesn't try to be a one-stop backup solution.
It does, however, excel in protecting user data.
When airtight security and privacy are needed, that's when SpiderOak Groups is the clear choice.
If that's your focus, then you can try it with a free 14-day trial that's available on the website.
Pros
Controllable encryption keys
Robust privacy and security features
Is compliant with HIPAA, SOC, and ISO
Cons
Lacks auditing and sharing features
Does not integrate with other systems
Lacks native support for SQL Server and Exchange apps
The Bottom Line
SpiderOak Groups will keep your data safe and secure with its privacy and security options.
But it lacks many of the features and app-specific backup options of its competitors, including collaboration and virtualization.
Unfortunately, cloud data breaches still happen frequently, so why haven't more vendors in the business cloud storage space focused more on solving this problem? SpiderOak Groups (which begins at $90 per month for 10 users) is one such service that is dedicated to security.
Their "zero-knowledge" policy dictates that not even the company will be able to access your data because of your encrypted log-in credentials.
This is an attractive feature for not only security analysts but for everyone.
However, while going all-in on security is a good example, the rest of SpiderOak Group's offering still comes in behind Dropbox Business, our Editors' Choice in business cloud storage, which did well on security but better on integration and collaboration.
However, zero-knowledge also causes some wrinkles when SpiderOak Groups is used as a general-purpose business cloud backup solution.
This reason has kept it behind Arcserve UDP Cloud Direct, our Editors' Choice winner in that category, which didn't do as well on security but excelled in backup functionality, disaster recovery (DR), and ease of use.
To help with security, SpiderOak Groups maintains its own hardware and data centers with redundant power, generators, battery backup, cooling, and multiple Tier-1 uplinks.
This way, there's never a question about where your data is being stored and who has access to it.
This is a strategy in direct contrast with providers such as Jungle Disk, which actually store your files in third-party data centers from vendors such as Amazon Web Services (AWS) and Rackspace.
User Interface and Performance
At its core, SpiderOak Groups is a backup program that's broken down into three sub-components: Backup, Sync, and Share.
Backup is purely a backup solution and works to move data into the cloud.
Sync is more like what a user would expect from a file-sharing application such as Dropbox Business.
By default, SpiderOak Groups designates "the Hive" as the primary folder to which files are automatically synced between devices.
Other sync folders can be designated as well from the Sync tab of the desktop app.
There aren't a lot of frills in the app and that is the intent.
The mission is to secure your data and keep it private.
The desktop app does this with ease.
"Share Rooms" are the only available sharing option for SpiderOak Groups.
There are no passwords here aside from the room key embedded in the shareable URL, so having access to that link is a license to read the shared file.
It's worth mentioning that the URL is unique and accessible by HTTPS only, so the file does need to be deliberately shared to gain access.
It would be nice to have something in the middle where an optional password can be assigned in case a link goes astray.
SpiderOak Groups extends beyond SpiderOakONE (its single-user, consumer-oriented offering) to include group and user management.
For administrators, other users' data may be accessed and retrieved in the instance when a team member is unavailable.
A "purge hold" may also be initiated to ensure any removed data is retained for a specific period.
This can be used effectively as a legal hold option.
Much like similar solutions, SpiderOak Group's sync client detects changes as they occur and queues them for backup on schedule.
This is configurable and occurs in the background with some tight controls available to those that like to tweak.
An alternate local backup location can be specified as well.
For instances where full recovery could take a while, this can serve as a secondary precaution without breaking the encryption that the software offers.
Platforms
The major desktop platforms SpiderOak Groups supports include Apple OS X, Linux, and Microsoft Windows.
Each one adheres to the zero-knowledge policy touted in SpiderOak Group's marketing.
All information is encrypted on the source system before being uploaded to SpiderOak's data centers.
Once there, there are several options beyond the desktop client for accessing your data.
The web interface offers a straightforward user interface (UI) for managing sync folders and share rooms.
Files that are shared in The Hive are also accessible to be downloaded from here.
It's worth noting that any information accessed from the web interface creates a temporary scenario in which SpiderOak's servers can read your data.
It is best to keep that in mind when retrieving information from here.
The mobile app is easy to use but is only for accessing files already synced to the Hive, which could be an awkward limitation in some scenarios and places SpiderOak Groups slightly behind offerings with more advanced mobile clients, such as Box (for Business).
Accessing a file is as simple as tapping the folder and file you want to access.
There is no ability to upload files, which limits its usefulness but it is there in a pinch.
The same limitations on security apply here as well.
Integration and Security
As of this writing, SpiderOak Groups has no user-accessible integrations available and, according to the company, they're not on the horizon.
Integrations rely on application programming interfaces (APIs) which increase the surface area for attack, and SpiderOak Groups has not yet developed a good solution to offer these while maintaining its lead in the security area.
Upgrading to the enterprise option does allow Lightweight Directory Access Protocol (LDAP) synchronization as well as an on-premises identity management option, but this isn't available in SpiderOak Groups.
This limits SpiderOak Groups from participating in the larger ecosystem of solutions available today, but security and privacy often come with a price.
Even SpiderOak Group's laser focus on security isn't without some caveats, though.
The desktop app is where the zero-knowledge policy is enforced.
The moment you deviate from the desktop apps, however, the lines start to get a little fuzzy.
The mobile app states that accessing data through it no longer guarantees you're the only one who can look at your data.
So, mobile means there's little beyond having the password to reading your data.
Surprisingly, for a company focused on data security, we found two-factor authentication (2FA) still in beta at the time of this writing and not yet available to all users.
SpiderOak Groups does meet the major check boxes for compliance, however.
The company says the Health Insurance Portability and Accountability Act (HIPAA), Service Organizational Control (SOC), and ISO 27001 are all met and exceeded in many cases.
Still, while you can't complain much about security when using SpiderOak Groups, other items that a small to midsize business (SMB) might like to see are often missing.
Remote Wipe, for instance, or any strand of mobile device management (MDM) for that matter, is nowhere to be seen.
There is also no ability to add Digital Rights Management (DRM) without a third-party tool.
There are some tight controls surrounding abilities to delete backed-up data, however, and data-retention policies can be set on a per-user basis, which is nice.
Backup Options
SpiderOak Groups has two basic modes for backing up data.
The first is a scheduled backup where a user can select one or more groupings of folders to back up to the cloud.
By default, the schedule is automatic and is set based on how frequently data is changed.
Effectively, this results in a continuous, incremental backup strategy.
Optionally, this can be changed to be anything from five minutes to 48 hours.
The second mode for backing up data is by using sync folders, which sync as files are changed.
Which mode you choose is mostly a matter of preference but the sync folders tend to be more accessible.
Files are where SpiderOak Groups stops, however.
Unlike other competing products, there are no options for backing up specific business apps such as mail or database servers.
While this could be achieved by archiving these systems first and including the backup folders in SpiderOak Group's backup plan, this adds extra steps to the backup and recovery process.
Also, there is no option for a full-system recovery.
Additional tools would need to be used to image the workstation or server.
When it comes time to recover data to a new system, there are quite a few options at an admin's disposal.
While the easiest option is to simply download the client to the new system and sign in as the user, it is also possible to retrieve another user's data by using the management console.
This is especially handy in the instance where someone may leave the company and another employee needs to inherit a data set.
The feature works cleanly while maintaining a significant degree of security throughout the process.
Overall, SpiderOak Groups is not a replacement for other popular file-sharing and collaboration tools such as Box and Dropbox, but that is not its focus.
SpiderOak Groups adds some basic team-sharing options and combines them with data backup, although it doesn't try to be a one-stop backup solution.
It does, however, excel in protecting user data.
When airtight security and privacy are needed, that's when SpiderOak Groups is the clear choice.
If that's your focus, then you can try it with a free 14-day trial that's available on the website.
Pros
Controllable encryption keys
Robust privacy and security features
Is compliant with HIPAA, SOC, and ISO
Cons
Lacks auditing and sharing features
Does not integrate with other systems
Lacks native support for SQL Server and Exchange apps
The Bottom Line
SpiderOak Groups will keep your data safe and secure with its privacy and security options.
But it lacks many of the features and app-specific backup options of its competitors, including collaboration and virtualization.