SpiderOak One Backup Review | PCMag | #itsecurity | #infosec


It’s important to back up your data, but you might hesitate to use an online backup service out of concern that the company housing your data would have access to your personal files. If you’re this kind of security-conscious user, consider the privacy-focused SpiderOak One Backup. It has a no-knowledge policy, and we like the intuitive desktop application and unlimited versioning capabilities. The service charges more for online storage than competitors, but you can back up an unlimited number of devices per account. The biggest downside is that SpiderOak One Backup still does not support multi-factor authentication for web logins.


How Much Does SpiderOak One Backup Cost?

SpiderOak One Backup is free to try for 21 days, and we appreciate that the trial doesn’t require entering any credit card information. If you choose to become a subscriber, be sure to consider both the yearly monthly and yearly plans, as the options vary widely.

The prices are summarized below. Although these plans look pricey, they all support an unlimited number of devices. Any time you see “unlimited” advertised with a tech service provider, however, be aware that the company usually will enforce limits if the service is beyond used beyond a reasonable expectation of what’s provided. For example, if a service is intended for “personal” use but is clearly being used to operate a large business, the user may be found in violation of the terms.

You Can Trust Our Reviews

Since 1982, PCMag has tested and rated thousands of products to help you make better buying decisions. (Read our editorial mission.)

Additionally, SpiderOak One Backup lets you back up external hard drives, removable devices, and network volumes. Other services, such as Carbonite Safe, charge extra for these capabilities.

If you pay monthly for SpiderOak One Backup, your options are:

  • $6 per month for 150GB

  • $11 per month for 400GB

  • $14 per month for 2TB

  • $29 per month for 5TB

If you pay annually, you have more options for how much storage you can get, specifically you can get a smaller amount at a very fair cost:

  • $43 per year for 5GB

  • $55 per year for 10GB

  • $69 per year for 150GB

  • $115 per year for 400 GB

  • $149 per year for 2TB

  • $320 per year for 5TB


How Do SpiderOak’s Prices Compare?

IDrive’s $79.50-per-year Personal plan offers 5TB of online storage for an unlimited number of devices. Backblaze charges $70 per year for its unlimited storage plan, but it limits you to one computer. 

SpiderOak One Backup does not offer backup or restore options via postal mail—Backblaze, Carbonite, and IDrive all do. That option is useful in the case of accidental data loss or simply if you want to perform bulk file transfers without worrying about the security issues related to doing it over an internet connection.

SpiderOak One Backup has desktop apps for Windows, macOS, and 64-bit versions of Linux, such as Fedora and Ubuntu. It no longer offers apps for Android or iOS, however. SpiderOak’s mobile apps were only ever read-only, meaning you could view files from your saved data sets, but not back up data from your phone. Other services, including IDrive and Zoolz BigMind, allow you to back up several types of data from your mobile device.


SpiderOak One Backup app dashboard screenshot on macOS

Getting Started With SpiderOak One Backup

SpiderOak One Backup’s account setup process is simple. All you need do is download the desktop app and provide a username and password, which are used to encrypt your backups, as we explain in the next section. The apps for Windows, macOS, and Linux are the key to SpiderOak’s service since they are the only way to upload files. It is worth noting that, to update the software, you need to download the latest release from the SpiderOak website. The company explains, “Our challenge, which we have not yet solved, is to devise a system in which we can push out authentic updates yet be technically and legally infeasible for an overzealous authority to compel us to push out an update containing a deliberate weakness.” The security-conscious crowd might appreciate this policy, but others may find it inconvenient.

Although the install process is simple, SpiderOak One Backup does not guide you through the initial backup setup with a wizard. For experienced users, that’s fine, since it’s easy to find everything you need. The interface is straightforward if you understand some basic computer terminology. For newcomers, SpiderOak may be a bit overwhelming because you don’t know if the selections you’re making for which files and folders to backup will be sufficient should you ever have to restore your machine. That said, SpiderOak’s Help resources cover topics in detail. The link to those resources is in the lower-right corner of the desktop app.


Security and Privacy With SpiderOak One Backup

SpiderOak One Backup’s strength is its security practices. Its no-knowledge policy states that it has absolutely no way to access or view any of your files. In practice, this means that all traffic to and from the SpiderOak servers is encrypted via TLS/SSL and protected by certificate pinning (a method of preventing man-in-middle-attacks). In other words, no one else can see or access the contents of your files.

As mentioned, SpiderOak encrypts your backup set with your account password. It hashes your password with salted PBKDF2, a key derivation function used to prevent brute force or rainbow table attacks. SpiderOak says its encryption approach uses a combination of 2048-bit RSA and 256-bit AES. All those measures help keep your data private. It also means that no one at SpiderOak can help you reset your account password if you forget it. 

This setup is slightly different from what other online backup services use. IDrive and Acronis Cyber Protect Home, for example, allow you to set private encryption keys that are separate from the account password. The companies still can’t help you recover your data if you lose your key, but they can, at least, reset your account password.

SpiderOak One Backup deserves bonus points for transparency in its support documents and throughout the user experience. For instance, when you log into your account on the web, the site informs you in straightforward language what privacy you may be giving up as an unavoidable result of using that platform. The warning ends with the explanation that the no-knowledge policy only fully applies to the desktop application. The web interface does not support multi-factor authentication, which is another reason you might decide not to use it. As of this writing, the feature is listed as “in beta,” and it’s been that way for a few years. Many other online backup services, including IDrive, Backblaze, and OpenDrive, support this security feature.

SpiderOak’s privacy policy states that it collects three types of information: account information (username and passphrase), billing information, and device information (operating system, approximate amount of data stored on its service, IP address, any system error messages, and the date and time of each request). The company says it uses this data internally to maintain, improve, and customize the service. We appreciate SpiderOak’s statement that it “never sells your information or shares it with third-party advertisers,” which is what we like to hear. Note that SpiderOak says it will disclose information “if we believe it is reasonably necessary to comply with a law, regulation, or valid legal process,” but that’s standard practice. SpiderOak is based in the US, in Missouri.


SpiderOak One Backup Mac app

Desktop Interface

SpiderOak One Backup’s desktop app has a straightforward design and a clean blue, white, and gray color scheme. The app smartly divides its many features across five main tabs: Dashboard, Backup, Manage, Sync, and Share. From the Dashboard, you can see all the devices you’ve connected to OneBackup, and a center module shows the status of running Backup, Sync, and Share processes. A persistent storage bar at the bottom of the interface indicates how much space you have left on your account. A blue Run Now button in the corner makes it easy to start your backup from anywhere in the interface.

Tabbing to the Backup section shows suggestions for content that you might like to back up. Choices include Desktop, Documents, Favorites, Movies, Music, and Pictures. Note that these options refer only to the folder name itself. For example, selecting Music backs up your Music folder, not all the audio files on your machine.

The center of the Backup tab lets you view the folder tree of files selected for backup and add anything to that list. Unfortunately, there isn’t a disk image backup option. Acronis and IDrive both offer easy ways to back up an entire hard drive.

You can download items from the Manage tab as well as access the file history (or versions) of items in your storage backup set. The Sync tab lets you view the status of the SpiderOak Hive, a shared folder for syncing files across devices. Alternatively, you can specify two other folders on your hard drive that you would like to remain in sync with each other. Share is the last option, in which you set up ShareRooms. We’ll go into more detail on these last two sections later in this review.


Scheduling automated backups in SpiderOak One Backup

Scheduling Backups With SpiderOak

SpiderOak One Backup lets you customize your backup schedule via the Preferences menu. With the default option, Automatic, SpiderOak continuously watches your system for any changes to files—a strategy we emphatically endorse. Alternatively, it can back up files on timed intervals (every five minutes is the minimum), or at a specified time or day of the week. You can also independently schedule syncing and updates of ShareRooms.

Another option lets you include or exclude files of varying types and sizes from your backup. For example, you can exclude files that are larger than 1GB, use certain keywords in their filenames, or are older than a defined age. These options are excellent for power users.

SpiderOak One Backup doesn’t re-upload an entire file every time one little thing changes. Instead, it scans your files, finds the modified parts, and uploads the new data. As a result, it can store historical versions of your files, while minimizing the amount of space and bandwidth required. The service also de-duplicates information and condenses your files to maximize your space.

We like the convenience of right-clicking on any file or folder in Windows’ File Explorer (the same function is not supported on macOS or Linux) to quickly back it up. If a file is already backed up, SpiderOak One Backup offers a few more options, such as Make Shared File Link and Show Versions. Carbonite Safe offers a similar feature. If you don’t want to see SpiderOak One Backup options in File Explorer’s context menus, you can turn off this option in Settings under Enable OS Integration.


Syncing and Sharing

SpiderOak One Backup includes a syncing service called Hive. When you set up an account, you automatically get a folder on your machine called SpiderOak Hive, which works like a Dropbox folder. It syncs any files you add to it to other places where you have SpiderOak One Backup installed. Livedrive offers similar folder-syncing capabilities.

Sharing files and folders in SpiderOak One Backup uses a slightly convoluted but very flexible system called ShareRooms. Tap the Share tab to get started. SpiderOak first requires you to create a ShareID, which is a public username that helps people identify you when you share files with them. SpiderOak recommends that you choose a different name than your account username. Then, the app walks you through a few text fields in which you name your room, provide a description, and optionally lock it with a password. Keep in mind that to share any folder, it must already be a part of your backup set.

You can add an optional description of the room, which might be instructions or other information for your collaborators. The process feels slightly backward since you don’t actually select folders to share until near the end of the process. The last step is to verify all the information and enable sharing.

SpiderOak One Backup Mac app showing syncing and option to create a Hive

Once you set up a ShareRoom, you have to send the details to your collaborators, but there isn’t a built-in option on the desktop for taking this action, although the Share section on the web has an email option. Your friends and collaborators can only get to a ShareRoom through a unique URL or by logging into the SpiderOak website using a ShareID and RoomKey that you generate. Everyone with access can add new files and edit existing ones, and all the changes are automatically viewable to everyone else.

When you share files, SpiderOak explains that doing so breaks some aspects of the no-knowledge pact, but it’s your choice to do so. All your other data remains private and SpiderOak still has no way to view it.

You can bypass all these steps by entering the Manage tab, selecting a file, and clicking the Link button. Alternatively, you can create a share link by right-clicking on a file in Explorer and selecting Share, Make Shared File Link, Make Share Link and Copy to Clipboard, or Make Share Link and Create Email. None of these latter options, however, can be set up with a password and the link only remains active for three days. Stick with ShareRooms if you want the most protection for your shared content.


Restoring Files

Advanced users who want a lot of control over backed-up files will appreciate the way SpiderOak One Backup handles file restores. From the Manage tab in the desktop client, you can download any selected folder or file. If you want to restore a huge batch of files at once, you can pick the highest parent file or drive in the directory. The Manage tab also conveniently lets you remove items from your backup. Note that you can only remove items from your backup from the computer you originally backed them up from. SpiderOak says this policy is to prevent someone from deleting everything who gains access to your account via the web portal.

By default, SpiderOak One Backup saves an unlimited number of versions of each file it backs up, which is ideal. IDrive keeps only the past 30 versions of each file, though it does so indefinitely. SpiderOak One Backup supports point-in-time recovery—albeit via the command line or Terminal—so you should never lose access to a file you may have accidentally deleted locally.

To see all saved versions of a file, highlight it in the Manage tab. The History panel appears on the right. It places the newest version at the top, but you can select any previous version and tap the Download button to get it back. SpiderOak One Backup successfully saved each version of a file we changed several times.


Not ‘No Knowledge’ With the Web Client

As mentioned, we like that SpiderOak clearly informs you that using the web portal breaks the no-knowledge pact. It’s a tradeoff. You can have the convenience of a web app, where you can quickly and easily retrieve or restore your files, or you can have guaranteed no-knowledge privacy. You don’t have to use the web app after all, unless you suffer a data loss for which the only way to get back your files is through the web app.

The web app doesn’t seem like it’s built for regular usage, the way, say, Dropbox’s website is. Rather, SpiderOak One Backup is far less functional when you use it in a web browser compared with the desktop app.

SpiderOak One Backup web app with image preview

From the web interface, you can access four sections: Hive, Manage, Share, and Account. Hive lets you view and download any of the files stored in the Hive folder, although you can’t upload anything to this folder from the web. The Manage section lets you view available folders that you’ve backed up, preview images, and download files, as well as deauthorize any computers you have linked to your account. There’s no search feature here, so you’d better know where your relevant files live. The Share section enables you to view all your ShareRooms and download files from them. From Account, you can update your email address, password, and change your subscription plan, including canceling it.

The Account section also might someday be where you can enable multi-factor authentication. There’s an area for it, but it’s been either unavailable or in beta for years now. The lack of multi-factor authentication is disappointing and curious for a company that caters to the privacy- and security-conscious crowd. 


How Fast Does SpiderOak One Backup Upload Files?

To test an online backup service’s performance, we time how long it takes for them to upload three 1GB file sets. We then take the median of results for comparison. We don’t have access to PCMag’s corporate testing network due to the ongoing COVID-19 pandemic this year—we’re working from home, like so many other people—so our tests are being performed on home networks. This most recent test was run in 2021 using a home Ethernet connection (16Mbps upload). We used a Dell Inspiron tower running Windows 10 with a 256GB SSD and 32GB RAM. Your individual results may vary, as differences in network environments and system resources will likely affect performance.

Online Backup Upload Speed Test Chart

SpiderOak One Backup took slightly longer than average to complete the test with a time of 16:11 (minutes:seconds). IDrive (12:29) and ElephantDrive (12:44) finished in the top two slots. SpiderOak One Backup was about six minutes quicker than last place finisher NovaBackup (22:14).

Backup time will matter most when you are running the process for the first time on a computer, but faster backup speeds make the process that much more convenient. A SpiderOak representative noted that the service optimizes for security and privacy, more than upload speed, which is one potential explanation for these slower results.


Privacy First With Plenty of Control

SpiderOak One Backup takes privacy seriously, and if that’s your primary concern in a backup tool, it’s one of your top options. Its desktop app is also one of the best we’ve tested, with a slick, yet straightforward design. SpiderOak’s online storage prices are a bit high, but every plan supports an unlimited number of devices and enables you to save an unlimited number of file versions, too. The service needs to add multi-factor authentication options for web logins, however, and we would like the option to back up mobile devices.

IDrive and Acronis True Image are our Editors’ Choice winners for the online backup category. IDrive’s plans are an excellent value and Acronis True Image security and backup features are impressive.

If you don’t feel comfortable storing your data online, take a look at our roundups of the best local backup software and external hard drives.

Pros

  • Strong privacy features

  • Supports an unlimited number of computers per account

  • Excellent versioning capabilities

  • Includes file-sharing and folder-syncing options

  • Well-designed, full-featured desktop application

View More

The Bottom Line

SpiderOak One Backup offers top-notch security features and flexible backup options. It costs more than many competitors, but it does not impose any limits on the number of PCs you can back up with each account.

Like What You’re Reading?

Sign up for Lab Report to get the latest reviews and top product advice delivered right to your inbox.

This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter indicates your consent to our Terms of Use and Privacy Policy. You may unsubscribe from the newsletters at any time.





Original Source link

Leave a Reply

Your email address will not be published.

12 − seven =