Secure-by-Default Products

We built our products from the ground up with end-to-end encryption because we believe:

  1. You shouldn't have to blindly trust your vendors.
  2. When you have something worth protecting, privacy is everything.
  3. Your data is yours, and should always be in your control.
  4. Encryption should not sacrifice usability.

SpiderOak has been building products on the principle of No Knowledge for over ten years. No Knowledge means we know nothing about the encrypted data you store on our servers. This unique design means nothing leaves your computer until after it is encrypted and is never decrypted until it is unlocked with your password on your computer. It's not just "end to end encryption;" it's a No Knowledge System.


Cryptographic protections are a requirement for every byte of your data you send across a network, and we have been implementing strong encryption for years.

  • Your Password is hashed with multi-round and salted PBKDF2. PBKDF2 uses SHA-256 with over 16000 rounds, and a 32 byte Salt of random data.
  • Your Keys are unlocked with your password. Created with AES-256 in CFB mode and HMAC-SHA-256.
  • Your Data is encrypted with a new key for each file, folder, and version of your files. This allows us to backup multiple versions of the same file for historical retrieval and recovery.
  • Your Traffic is all encrypted over TLS/SSL. All network traffic is also protected by Certificate Pinning to prevent Man-in-the-Middle attacks.

With a distributed workforce and individuals having multiple machines, you need to ensure every file is backed up, every time. SpiderOak specializes in empowering business to have complete control over their data.

  • The Management Console is a one-stop hub for granular management of users and enforcing policy. Provision and manage accounts, set group policies and permissions, and gain oversight into your environment.

  • To enable an easy deployment we integrate with management tools, and enable remote policy configuration and provisioning; complete with Active Directory and LDAP integration.

  • Our Cloud or Yours, whether you are looking for SaaS solution, or want to host your own on-premises SpiderOak server, our team will help find the right strategy for you. SpiderOak's servers are a fully ACID compliant, use a redundant clustering file system, and handle redundant files to optimize traffic and storage.


The only way to get complete adoption is with a service that "just works" and "works everywhere", which is why SpiderOak specializes in creating solutions that take the pain out of encryption software, regardless of the operating system.

  • Our apps are truly cross platform, so that you can access your data from anywhere.

  • You can share files and folders easily via our password protected ShareRooms, to make collaboration and distribution trivial.

  • Feel free to "set and forget" the SpiderOak backup client, so your files are backed up automatically from boot to power-off.