It’s Time to Stop Having Zero Knowledge About Zero-Knowledge Cloud Privacy

Recently, several companies have been coming up in the news because their data has been leaked in one way or another, either by a rogue person with access to the data or by a hacker who managed to sniff up the data while the company was moving it. The results of such a catastrophe, even if the company is sincere and didn’t have anything to hide, are usually embarrassing for both the heads of the firm and its customers. Not only can secrets be revealed that way, but your clients’ information can be compromised, making them lose their trust in you.

How can you prevent such a thing from happening? Well, from one point of view, you can opt for a zero-knowledge privacy service to store your company’s information. This is something that takes a “holistic” approach to data privacy.

The new concept of the Zero-Knowledge Privacy Standard is one that allows you to have your data encrypted during and after a transaction and even while it’s being stored. The system operates through encryption keys that are not stored on-site in plain text format. Instead, you must keep the encryption key yourself to access the data, eliminating the middleman who knows everything about what you store.

Everything, from file sizes to file names, is encrypted with a unique key, letting you have control in ways that would put you ahead of other companies that struggle to keep their data secure. The only thing you need to worry about is who gets his/her hands on your encryption key.

There is only one company offering this exact kind of standard, but another one pairs up to it rather well. The two companies, starting with the one offering Zero-Knowledge data storage, are:

  • SpiderOakThis company offers the infamous “Zero Knowledge” backup solution that can protect your business’ data. It offers free storage for up to 2 GB of data and charges $10 for every 100 GB you want to store.
  • Egnyte HybridCloud This company gives you storage with a supreme level of security, encrypting everything it touches. The encryption method is SSL for “touch points,” meaning that you’ll be using HTTPS, or secure HTTP, for uploading and downloading information. 256-bit AES encryption is used for file storage, meaning that files will remain on server encrypted. You can have this storage for $24.99 a month with 5 employees and 150 GB. Their highest plan allows for 3 TB of storage and costs $12.99 per employee every month.

If you’re running a business that has a large amount of sensitive data, including client data, keep an eye on which hands the information lands on. Avoiding encryption when you have lots of sensitive data is like avoiding crosswalks at a very busy intersection and bringing all your customers along with you while jaywalking.

Like the image on this post? We got it from BigStockPhoto!
The following two tabs change content below.
Miguel Leiva-Gomez is the owner of The Tech Guy, a blog that presents futuristic and current news about technology with a light touch of humor, catering to the average consumer and prospective investor. Miguel has been working with computers and gadgets for more than a decade, working together with people to help them solve their problems and breaking down complex concepts into simple bite-sized pieces that the average Joe can chew.

6 thoughts on “It’s Time to Stop Having Zero Knowledge About Zero-Knowledge Cloud Privacy

  1. ChrisHalcon

    Thanks for bringing up this topic, Miguel. Cloud privacy is certainly very relevant for SMBs, who are increasingly leveraging cloud services. Here at Symantec, we feel that SMBs that wish to take advantage of the benefits of cloud computing must have in place appropriate security mechanisms to secure all four areas of potential security weakness: endpoint data at rest, data in transit, shared data access, and data backup. It’s also worth remember that preventing data breaches goes beyond encrypting your data in the cloud. SMBs should also consider encryption for data sent via email, data on user’s desktops and laptops and during backup.
    Chris Halcon

  2. James Wright

    Warning: Egnyte is NOT zero-knowlegde. They can get into your data with two executive members of the “Egnyte Security Council”; just read their own security white paper. The only companies, Wuala and Spider Oak, let the user have complete control over keys. Both Spider Oak and Wuala can’t even reset your password or comply with a court order to produce anything but encrypted data. Sorry, but including Egnyte is a mistake- it’s the same security as Box or Dropbox-far from zero-knowledge.

      • Amrit

        Re: Egnyte
        Egnyte is designed for teams/organizations and not solely for individual usage. Friction-less sharing is a must for this use case. Putting the onus of sharing secrets on individuals goes against this principle. Egnyte integrates with best-in-class solutions such as Sophos to satisfy end-to-end encryption needs (if needed).
        Egnyte supports sharing of content across both single and multi-user devices that range from mobile phones to tier-one enterprise storage platforms. Intelligent block delta protocols and smart de-duplication (within one account) are just two of the many essential features required to support large transactional volumes.

    • miguel_gomez

      The policy is also important. It’s not just about the strength of the encryption, but also what they encrypt and how they manage the key that’s encrypting the data.


Leave a Reply

Your email address will not be published. Required fields are marked *