Continued Breaches Show Dropbox Not Secure Enough for Small Businesses

data

I’m just going to come out and say it: Dropbox on its own is not secure enough for businesses. Bugs and open-doors leave sensitive files open for viewing and who knows what can happen if your classified information falls into the wrong hands. If you’re sharing files with coworkers by sharing Dropbox links, cease and desist! You are potentially leaving your files open to the masses.

Problem
Dropbox is currently the top dedicated cloud storage provider hitting 200 million users back in November 2013.  Unfortunately for business users, Dropbox is also the most targeted cloud service by hackers and thieves. Remember when hackers held 7 million Dropbox passwords ransom? Not only is Dropbox prone to cyber-attacks, but they also suffer from bugs and leaving open doors. In October 2014, Dropbox released an update with a bug that deleted user files, making backup on Dropbox inadequate for business. File deletion!? Then what’s the point of storing files in the cloud anyway?

Prior to this incident, a cloud-based file locker, Intralinks, found that Dropbox users were unknowingly allowing private data to be read by third parties as their files were being indexed by search engines.  Links that you may have shared with other colleagues were being indexed by Google, Yahoo! and Bing, and if competitors searched for a matching keyword on your link, they could click and open your files without you knowing. As you can see saving sensitive company information with Dropbox offers significant risk for business users.

Challenge
Many employees already use Dropbox to quickly store company files. The more employees that use Dropbox to store files, the more vulnerable the company is to information leaks. Although Dropbox offers server-side encryption for your files, it is not enough to protect your files if there is a security breach as Dropbox provides and controls your files’ encryption keys. Dropbox already accesses your files to provide a file preview, which opens obvious security holes. Dropbox has even changed their privacy terms to give themselves the right to share data collected from your files. Depending on the sensitivity of your data, you may want to consider encrypting your data with a 3rd party security software even before it reaches the Dropbox cloud. This would allow you to experience the convenience and value of Dropbox without compromising security.

One response to “Continued Breaches Show Dropbox Not Secure Enough for Small Businesses

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.