Just Because Your Content's Online, Doesn’t Mean It Can’t Be Private
If you’re like me you may think something like selecting a checkbox on your user profile should entitle you to content privacy. At least to the degree Google's not indexing it, perhaps. It may, it may not. But what are the considerations when you're talking about things other than embarrasing pics of you at your grandma's 78th birthday? Things like sensitive product documents for your company? That's a whole other level of privacy, indeed.
I was introduced to SpiderOak last month when the company was actively involved in the annual “World Backup Day.” The company was part of an alliance of industry leaders pushing for awareness of the importance of data storage. Speaking with the company’s CEO, Ethan Oberman this week, I learned something new: Online data can be private—really private.
Most cloud providers don’t guarantee privacy or confidentiality for user data. Explains Ethan, “Anyone who can reset your password, can, by definition see your data. “ This means that server administrators can access user passwords and user data any time. So what if you have a disgruntled, incompetent, or just plain unethical sys admin? Your confidential docs could be at risk.
Certainly, that may seem like an extreme, but in a much more conceivable scenario, what if the data hosted on your servers was subject to subpoena? In such a case, if your content is in any way accessible, it’s subject to be shared. With all this, it’s no wonder companies still have some apprehension about entrusting their confidential documents to the cloud. After all, if a given administrator can easily access your company’s confidential data, why upload it to the cloud in the first place?
Zero-knowledge Privacy Standard
Ethan explains how his company has paved a new industry standard with what it calls a “Zero-knowledge Privacy Standard.” “At no time or circumstances can we look at plain text data,” Ethan confirms. “Even under government subpoena.”Continued on the next page