Druva inSync vs. Code42 CrashPlan for Enterprise Comparison Guide

Executive Summary

At first glance, inSync and Code42 CrashPlan for Enterprise might seem similar, as both are designed for endpoints, provide flexible deployment options, license per user and have some common features. However, inSync has several architectural advantages and integrated features, such as data loss prevention (DLP), file sharing, and governance, which provide business with higher value at a lower total cost of ownership (TCO) than CrashPlan does.

Druva inSync is the only unified platform which offers endpoint backup, EFSS, eDiscovery enablement and DLP. Druva designed inSync as a unified endpoint data protection, sharing, and governance solution that delivers the visibility and management needed for large enterprises. This approach enables organizations to benefit from the performance increases delivered by our unique global deduplication system, as well as minimize the data replication inherent with siloed solutions. Security and governance remain centralized, providing comprehensive audit trails, and the ability for legal hold across all your endpoint data.

This report will compare the features of CrashPlan and inSync across several different categories, including: data deduplication, persona backup, data governance and eDiscovery, security and data privacy, availability and data durability, and integrated file sync and share.

1. Why Switch from CrashPlan to inSync?

  • inSync saves 80% in bandwidth and storage with global, application-aware, client-side deduplication.
  • CrashPlan does not have the ability to globally deduplicate data across all users in an enterprise.
  • CrashPlan’s dual-destination backups require twice the bandwidth as inSync.
  • CrashPlan cannot enable efficient OS migration or laptop refreshes, as it lacks system and application settings backup.
  • CrashPlan does not integrate with MDM providers.
  • CrashPlan does not backup mobile devices or containerize corporate data.
  • CrashPlan’s data centers – which are located in Minneapolis and Atlanta – are not ITAR, FISMA, ISAE 3000, SOC-1 (SSAE 16/ISAE 3402) SOC-2 or SOC-3 certified.
  • CrashPlan has no stated SLAs on data durability and availability.
  • CrashPlan’s security options trade-off enteprise level data accessibility for security and privacy, opening a hole for data loss through lock-out.
  • CrashPlan does not offer mobile smart device remote wipe capability for DLP to prevent data breaches.
  • With CrashPlan’s SharePlan, file sharing is only available for on-prem deployments and is not integrated with backup data.

2. Data Deduplication Techniques

Data Deduplication Techniques Code42 CrashPlan for Enterprise Druva inSync
Deduplication methodology Variable-block level, only deduplicates within a single device Object level, global, and client-side
Application-aware No Yes
Email and attachments PSTs are evaluated as a single file Deduplicates individual messages and attachments

CrashPlan

CrashPlan deduplicates only across data from a single device providing very limited bandwidth and storage savings.

  • Variable-block based, byte level deduplication is not accurate at determining block boundaries (objects) to efficiently deduplicate objects within/across different file types
  • The per device model results in a single 100MB file, stored on 20 user’s devices being backed up 20 times, whereas global deduplication which will only store it once
  • Without email awareness, a PST file must be assessed and backed-up every pass, resulting in a lot of wasted storage

inSync

inSync’s deduplication is global, application-aware, and client-side which results in 70-80% bandwidth and storage savings.

  • inSync deduplicates data across all users/devices in the enterprise
  • Because of its application-aware nature, inSync provides optimal deduplication with Outlook, PDF, and Office files as it accurately determines block boundaries and can recognize objects within as well as across these file types
  • inSync is far more efficient in backing up large PST files as it uses MAPI to deduplicate at the message/attachment level
  • Resulting bandwidth and storage savings mean faster, compact backups, a better end user experience, and lower TCO

Storage and bandwidth usage over time:

80%
LESS

inSync will use 17TB less storage and bandwidth (80% less) compared to traditional backup after 1 year of implementation.

3. Persona backup

CrashPlan

CrashPlan does not offer system and application settings backup.

inSync

With inSync’s Persona backup, users can backup system and application settings in addition to their files and folders.

  • Eliminates the need for painful BMR on endpoints
  • Saves end-user time spent in manually reconfiguring system and application settings to get back their familiar working environment
  • Can be used for OS migration or laptop refreshes, eliminating the need to purchase software specific to OS migration that has no use after the migration process is completed
  • Makes replacement/refresh and OS upgrade/migration processes efficient with user self-restore of both data and settings

4. Data governance and eDiscovery

Data Governance & eDiscovery Code42 CrashPlan for Enterprise Druva inSync
Federated search and legal hold No Yes
User activity streams No Yes
Admin tamper-proof audit trails No Yes
Direct access for eDiscovery platforms No Yes (e.g. AccessData, Recommind)

CrashPlan

CrashPlan does not allow admins to perform federated searches of files or folders across all users/ devices. Furthermore, CrashPlan does not provide integrated audit trails or DLP features.

inSync

inSync enables IT governance of endpoint data with a 360 degree view of all activities.

  • Unified data governance and eDiscovery enablement
  • Undeletable audit trail of all admin activities
  • Reporting & activity streams
  • Federated access enables IT and legal teams to locate, view and manage endpoint data without impacting custodians
  • Built-in legal hold workflow facilitates the collection and preservation of relevant custodian data or legal teams
  • Enables ingestion into an eDiscovery platform (Recommind, AccessData) directly from inSync’s repository for further review from legal teams
  • Unified data protection across laptops and smart-devices
  • Encryption of data in the device
  • Remote & auto wipe of data
  • Geo-tracking
  • Mobile device data containerization
  • Access restrictions

5. Security and Data Privacy

Security and Data Privacy Code42 CrashPlan for Enterprise Druva inSync
Encryption in-transit 128-bit AES 256-bit TLS
Encryption at-rest 448-bit Blowfish 256-bit AES
Data encryption on endpoints No Yes
Certified cloud infrastructure management Yes Yes

CrashPlan

CrashPlan provides incomplete data security, and its data privacy measures leave corporate data at risk of exposure.

  • CrashPlan stores encryption keys in on end user devices in plain text
  • The Blowfish algorithm was not found to be as secure as 256-bit AES by the US Govt
  • CrashPlan’s most basic security leaves it open to cloud data privacy issues, whereas their stronger encryption choices prevent compliance and legal teams from accessing employee stored files for auditing and litigation

inSync

With inSync, customers have complete data privacy.

  • Unique zero-knowledge encryption management ensures that encryption keys are never stored in the cloud or on endpoints, preventing anyone except the customer from accessing data
  • inSync Cloud customers can easily comply with data residency laws given access to multiple regions

6. Availability and Data Durability

CrashPlan

CrashPlan’s cloud does not replicate data and has no stated SLAs.

  • No data redundancy across data centers
  • Requires dual destination backups that increase storage/bandwidth & costs

inSync

inSync’s cloud data center replication and multi-zone redundancy provide the highest availability and data durability. As well, the data centers utilized by Druva carry extensive certifications for protecting stored data.

Industry’s best cloud infrastructure
Certified cloud operations
Integrated File Sync & Share Code42 CrashPlan for Enterprise Druva inSync
File sharing with IT visibility Requires on-prem master server Yes, integrated

CrashPlan

CrashPlan’s file sync and share product, SharePlan, is in its first version.

  • Requires the use of a on-premise master server
  • Separate client applications for CrashPlan and SharePlan create end-user overhead
  • Does not provide admin visibility into sharing activity
  • CrashPlan and SharePlan store their data in different repositories, requiring significant extra storage and no deduplication benefits.

inSync

inSync was the first provider to integrate secure file synchronizing and sharing with endpoint backup, and deliver capabilities to increase user productivity while giving IT admins granular control over sharing.

  • File sharing data is globally deduplicated with backup data which amplifies bandwidth & storage savings
  • Deep IT control & visibility
  • enable sharing, share with who, mobile sharing, external/link sharing
  • user activity streams
  • Integrated document viewer (view only links, expire link by # of views)
  • Selective sync (save bandwidth, disc space on endpoint)

Conclusion

Code42 CrashPlan for Enterprise is an inadequate backup solution for the needs of today’s mobile enterprise. On the other hand, inSync offers the industry’s best data protection solution for all enterprise endpoints: laptops, smartphones and tablets. Validated by leading analysts and a growing customer base, inSync dramatically improves IT efficiencies and end-user productivity. A recent study conducted by the Ponemon Institute, Quantifying the Value of Unified Endpoint Data Management, indicates that enterprises can save more than $8,100 per user by employing a solution like inSync, which integrates endpoint backup with secure file sharing, DLP and analytics.

Product Comparison Chart

FeatureCode42 CrashPlan for EnterpriseDruva inSync
Cloud Infrastructure
Data Redundancy Across Multiple Data CentersNot availableYes, can sustain concurrent loss of data in two facilities (Cloud)
CertificationsSAS 70 onlySOC1 (SSAE 16), ISAE 3402 (formerly SAS 70), SOC 2, SOC 3, ISO 27001, PCI DSS Level 1 (Cloud)
Availability and Data DurabilityNot advertised99.5% Availability,
99.99999% Data Durability (Cloud)
Cloud ArchitectureNo, private cloud in a public cloud data centerYes, native cloud architecture with elastic provisioning
Performance
Global Data Deduplication Dedupes only data from same device, resulting in backups of much larger data sets that take longer, consume more bandwidth and storage, and are intrusive to the end user Global/enterprise-wide, reduces data redundancy across all users/devices to provide the best performance in storage and bandwidth savings
Dedupe Granularity Block-based, incapable of recognizing file formats, objects within files, and across different file types, resulting in poor bandwidth/storage savings App-aware, object-level, able to understand different file formats and intelligently deduplicate objects within and across different file formats, providing dramatic bandwidth and storage savings
WAN Optimization Not available Yes, optimizes packet size and number of threads depending on network noise and latency, making best use of available bandwidth
Bandwidth Throttling Sub-optimal maximum bandwidth cap Based on percentage of available bandwidth (optimal for modern workforce connecting over multiple networks)
CPU Throttling Available Available
Data Capture FrequencyCDP (minutes)CDP (minutes)
Security
Network Encryption (data encryption in transit)128-bit AES256-bit TLS
Storage Encryption (data encryption at rest)448-bit Blowfish 256-bit AES, NIST standard, used by government and financial institutions
SSONot available on mobile devices Available on all devices
Encryption Key Management Overhead of maintaining Master Server on-premise Two-factor encryption key management provides complete security and data privacy with no hardware required on-premise
Encryption Key Stored on Client Device Yes, in plain text No
On-device Data EncryptionNot availableYes
Remote Wipe CapabilityNot availableYes
Administrator Experience
Central Management ConsoleYesYes
Mass DeploymentNeeds custom scripting In product tools, no custom scripting required
Data Governance
eDiscovery EnablementNot availableFederated search and legal hold
User Activity StreamsNot availableDetailed information including who, what, when of all user activities
Admin Audit TrailsNot availableTamper-proof audit trail of all admin actions
Direct Access for eDiscovery PlatformsNoYes (e.g. AccessData, Recommind)
Device/OS Diversity
Supported PC/Laptop PlatformsWindows/Linux/MacWindows/Linux/Mac
Smartphone/Tablet BackupNot availableiOS and Android
Mobile AccessiOS, Android, Win Mobile 8iOS, Android, Win Mobile 8
Content Variety
Files/FoldersYesYes
Email ArchivesNot efficient with PST filesYes. App-aware technology uses MAPI for optimal PST backup
System and Application SettingsNot availableYes, backup of user system and application settings simplifies OS migration and laptop replacement
Beyond Backup
Data Loss PreventionNot availableYes, includes data encryption on endpoints, remote wipe and geo-tracking
Integrated File Sharing with IT VisibilitySharePlan not available for pure cloud deployments, requires separate client application, no IT visibility into sharingYes
Advanced Data InsightsNot availableYes

More Resources

Visit Druva.com/resources/ for additional resources for learning more about endpoint backup.