Tag Archives: ldap

Now Hiring –> Sales Engineer!

We are looking for an energetic person-friendly hacker to join the SpiderOak team in the role of Sales Engineer. As SpiderOak Blue gains significant traction in the enterprise market, we are noticing an increasing need to bring these companies online in a faster and more efficient manner. As an example, one day you may be configuring a virtual machine to authenticate 20,000 users against SpiderOak while the next integrating patches by some of our development partners into our directory sync code base.

Our ideal hacker is first and foremost a considerate communicator. This hacker is going to be the primary smiling face to our technical contacts with our Blue customers and partners, and we expect our hacker will represent our tribe well. Our Blue customer base includes Fortune 500 companies, US & foreign government agencies, and large US & foreign educational institutions. Our hacker will be comfortable being the primary point of contact with technical and senior IT staff within these organizations. Unhappy customers should create an appropriately unhappy hacker.

This hacker will be responsible for managing and communicating timelines and problems (and their interrelation) to both internal SpiderOak staff and that of our customers. We should be able to randomly quiz our hacker of the status of ongoing trial and live programs and she should be able to respond usefully (allowing for research). Our hacker will be the nexus hub for the technical on-boarding process of new Blue accounts and should be appropriately self-organized.

This hacker will also be comfortable with a variety of Linux-based server technology. Our software is distributed as code on an Ubuntu virtual appliance, so our hacker will be perfectly happy hacking away on Python code to eventually run on Ubuntu. This hacker will also be comfortable configuring said Ubuntu system. Bonus points for a background involving developing against an alphabet soup involving LDAP, RADIUS, MS AD, or SAML.

SpiderOak’s a distributed company; as such, our ideal hacker is a first-rate communicator. Our hacker will be commonly available during the US working day on our secret awesome undisclosed IRC channel as well as via phone and/or skype. Our hacker will raise a fuss if something beyond their control is blocking their projects; however, our hacker will be a problem solver and be more than up to making the impossible hack come to reality. They will jump at the chance to travel to work with other SpiderOakers, with key cities being Kansas City, MO, Chicago, IL, and San Fransisco, CA. Civility and “work-togetherness”, especially but not limited to strangers, is required. Effectively managing one’s self is also a key requirement; nobody will be looking over our hacker’s shoulder while they work. A sense of humor is appreciated.

Specifically in this case, our hacker will be working most closely with our teams in Chicago and KC such that being close or willingness to travel to these locations is important and especially toward the beginning.

Still interested? Send an email to jobs@spideroak.com including “sales engineer” in the subject with a little about yourself and your experience to date (a ‘cover letter’ if ou will). NOTE: Resumes are not required as who you are is more important that what your resume may or may not say. If we enjoy your thoughts and feel like you will be a good fit, we will send you a small task to complete. Please do be sure to tell us a bit about yourself, what you can do, and why you’d like to work for us. English only, please.

We know there’s talent in everyone regardless of what little papers might say, so we have no “minimum” requirements for degrees. We’re also super-equal-opportunity: quality hacking knows no bounds for race, gender, nationality, sexual orientation, species*, or religion. If you can meet what we need, we’ll do amazing things together, no matter who, what, or where you are.

* We encourage kangaroos that can deliver lattes in their pouches.

SpiderOak: Blue for Enterprise

Imagine yourself the CIO of a major company, walking down the street and thinking (as CIOs tend to), “gosh, I love SpiderOak, but it’s just too awkward to use across my company!”

At this point, I teleport in. “But wait!” I exclaim. “We’re now working on a solution just for you and your business! SpiderOak Blue!”

More seriously, we understand centralized management and provisioning will make or break a product geared for the business market; after all, who has time (or the money to pay for the time) to go and individually administer each unique SpiderOak user account? What if Bob and his laptop both wind up under the bus? How will you get Bob’s work data back?

Here at SpiderOak Business Labs, we’ve looked at the problem from the perspective of data ownership. Our consumer oriented product places ownership in the hands of the end-user. The user is the only one with the keys to unlock and look at plaintext data. And whereas this is the perfect scenario in the consumer world, it breaks down in a business setting where ownership of the data belongs to the company. And even still, perhaps you are a university wanting to purchase accounts for your student body in bulk. Of course you want the ability to maintain the accounts but also have no visibility into the plaintext data itself. We have worked hard and been successful in suitably covering all of the above cases and more.

So how does all this work? How does SpiderOak allow companies to retain ownership of the data while never having plaintext visibility? To answer that question, we turn to our ‘Zero-Knowledge’ privacy policy and encryption methods – all of which make this an interesting system to support. We’ve developed two distinct methods – both of which keep SpiderOak ‘Zero-Knowledge’ while letting the organization retain full-knowledge.

If you then add the complexity and pain around managing both individual user accounts as well as companywide deployments, you add yet another layer. So – we have created a system where administrators gain full control of SpiderOak from one central location.

With no further ado, dear and humble reader, may I introduce to you…

SpiderOak: Blue

What does this get you? Let’s take a look at the feature list.

Base Features:

  • The same capabilities and meaningful privacy guarantees as our consumer product (‘Zero-Knowledge’ privacy standard)
  • Central, easy-to-use web-based management console allowing user provisioning, group permissions, space management, and user reporting
  • Selective enable/disable of web and mobile access to SpiderOak accounts.
  • Bulk creation and management of user accounts (along with editing and downloading via CSV)
  • Detailed reports on user activity and problems across your deployment
  • You only buy space, and divide it among your users as you see fit. No silly per-user or per-device fees, or charging you extra to backup a server. Plain and simple pricing.
  • Ability to follow policy-set permissions in the Windows Registry (on Windows), or as a text file in /etc (Linux) or /Library (Mac)
  • Easy-to-deploy MSI installers for 32-bit and 64-bit Windows

SpiderOak: Blue OpenLicense

This product is based on our current OpenLicense program. In fact, a large part of Blue came from addressing limitations in the current OL program.

  • Data Ownership Model: The end user, not the organization. A user who forgets their password needs a new account.

SpiderOak: Blue

This is our ‘standard’ tier of Blue service.

  • Data Ownership Model: The organization.
  • Password resets possible via browser-driven ‘Zero-Knowledge’ encryption in the management interface.
  • Non-’Zero-Knowledge’ user data auditing interface

SpiderOak: Blue Plus

This is the top-shelf enterprise-grade SpiderOak, for those with ultimate management needs. Everything that follows here is made possible by our Blue Virtual Appliance, which puts all management control into an open-source virtual machine running on your infrastructure. You get full control over the data flowing into and out of SpiderOak from your organization, while we stay completely ‘Zero-Knowledge’.

  • You host your organization’s private keys. Key escrow lets you have full and complete control over the data by enabling you to hold onto the master private keys (which are normally generated via a key derivation scheme based on the user’s password).
  • User account integration with Microsoft Active Directory, OpenLDAP, and RedHat Directory Server. Define LDAP groups, point the appliance at them, and those users automatically show up on SpiderOak.
  • Integrated password management via LDAP or RADIUS. Due to use of key escrow technology, passwords for Blue Plus are only for authenticating users. Via the magic of the virtual appliance we can authenticate against your organization’s existing authentication infrastructure. SecurID? No problem!
  • ‘Zero-Knowledge’ (to us) web and mobile access. This VM can also host a local copy of the web access portal – providing on-the-go access to your users while we remain ‘Zero-Knowledge’.
  • Through the magic of the above web access, the user auditing / administrative data restoration console is also Zero-Knowledge from our perspective.


SpiderOak Blue is now available through a limited release. We have been working with several large enterprises through the beta period and will continue towards general release. If you’re curious about the product, please send an email to blueinfo@spideroak.com and we will get back to you soon.