Kerveros vs. SaaS encrypted-storage services
Sync.com, Tresorit, and similar zero-knowledge cloud services solve a real problem — if you can live with their pricing model and trust their server-side infrastructure. Here’s how Kerveros differs.
Pricing math (3 users, 5 years)
| Service | Per user / month | 3 users / 5 years |
|---|---|---|
| Sync.com Teams | €8 | ~€1,440 |
| Tresorit Business | €14 | ~€2,520 |
| Dropbox Business Standard | €15 | ~€2,700 |
| Kerveros Team + Tigris (10 GB) | €0 | ~€419 (€299 + 4×€29 renewals + €0 storage) |
Trust differences
Sync.com and Tresorit do client-side encryption, but they also run the storage. If their infrastructure is compromised, an attacker controls the metadata layer (file IDs, sharing graphs, audit logs). Kerveros separates the application (us, on your machine, no servers) from the storage (you, on whichever S3-compatible provider you trust). Compromising us doesn’t reveal your data; compromising the storage provider reveals only encrypted blobs.
What you give up by going zero-server
- No web client. Kerveros is a desktop app. No browsing files from a random kiosk.
- No mobile client (yet). SaaS services have polished iOS / Android apps.
- No password recovery. Lose the passphrase, lose the data. SaaS services have account-recovery flows; Kerveros doesn’t.
- You manage the bucket. Picking a provider, getting credentials, paying for storage — that’s on you. The onboarding wizard helps; it doesn’t eliminate the step.
When SaaS is the right pick
Web access from anywhere; non-technical users who can’t handle bucket setup; mobile-heavy workflows; need account-recovery for forgetful users; need DLP / e-discovery integrations. Use Sync.com or Tresorit. We’ll cheer you on.