Dropbox is a common platform used for file sharing – anyone can create an account, upload images or notes, and send them to their friends and family. For businesses, however, the more important the data, the more security measures needed to protect it. Cloud storage has become the new flash drive — all your files, accessible from any device at any time, without the risk of breaking or losing your portable jump drive and all of your files. But, not every cloud storage site is perfectly secure.
Just last year the company released an update that deleted user files, offering a year of free service to make up for it. Dropbox has also found itself in the spotlight surrounding a discovered vulnerability which allowed Dropbox files to be indexed publicly through Google for anyone to see. But, with over 200 million users, you might find yourself asking: is Dropbox safe for backing up my confidential business data?
Encryption Standards
While there’s no such thing as total and complete security, you need to make sure you take the proper steps to manage and mitigate your risks. Online cloud storage involves handing your data over to a third-party company for the ease and efficiency of quick file sharing. How is that third-party company going to treat your data? They might have taken the crucial step of encrypting your data, but who within the company holds the encryption key? If the cloud provider you choose has your encryption key, they can read and potentially sell your data at any time.
A cloud backup provider with integrity won’t have the encryption key because they’re focused on what you need – military grade 256-bit encryption, considered unbreakable, and end-to-end encryption, meaning your data is encrypted before it ever leaves your computer, making it unreadable and protected even during its transit to the cloud. Dropbox has 256-bit AES encryption and promises that its employees can only read file names and locations. However, as Dropbox is a sharing service, the comprehensiveness of that encryption can fall short and leave your business data vulnerable.
Monitoring and user permissions
If you have an IT specialist or department, Dropbox doesn’t allow them to monitor or control who is syncing files, who has access to which files, and who is sharing them. If any confidential data is leaked, you will have no way of knowing who sent it or who accessed it. You also don’t have password protection or customizable reading, editing, and sharing privileges for individual users, a crucial aspect for business users.
With so many individuals collaborating on a document or file, not being able to set permissions leaves your files vulnerable to accidental overwrites or deletions. Same goes for sharing permissions with sub-folders in Dropbox – without specifying permissions, you’re forced to completely redo your entire folder structure just to protect your data.
As a business tool, Dropbox should accommodate the standard of confidentiality, but as a cloud backup service, it falls short. Once you’ve sent a file through Dropbox, you’ve completely lost control over who can access that file — anyone given access to your files will be able to edit that data or share it with whomever they choose. This ability can put your data at risk to accidental changes, deletions and unauthorized access.
Cloud storage vs cloud backup
Ultimately, Dropbox is a cloud storage, sharing, and syncing tool and is never meant to be treated as a cloud backup solution. There’s a striking difference between the two, and treating a cloud storage site as a backup is very risky. Cloud backup offers better protection through encryption, while cloud storage is limited in its encryption to enable sharing. The heightened, high-level security features associated with cloud backup don’t let you file share and sync like Dropbox and other cloud storage providers, because the purpose of cloud backup is to create a complete, secure backup of your entire system.
You might be able to easily share documents with colleagues whenever you need to with Dropbox, but those files are unsecured in a number of ways, including encryption, backup, and retrieving previous versions of files. When cloud storage does offer previous file versioning, it’s often limited to a 30-day retrieval window, with longer windows as an add-on — as is the case with Dropbox. This can make it impossible to recover previous file versions or accidentally deleted files when they’re detected later on, which is frequently the case — especially when you’re sharing and syncing files with a team of people.
So, if Dropbox is so unsecured, what can you do? Banning Dropbox completely is hard to accomplish because it limits interactions your employees have with other businesses who use it. More often than not, employees use unsecure file sharing sites without letting their IT department know, opening their files up for theft. Ignoring the issue is also not a solution – eventually, there will be an attack, and then your files will be lost.
Alternatively, human user error could result in accidentally sharing files with unauthorized parties or losing a device without data encryption on its files. Securing your data isn’t avoidable. Switching to a cloud backup service like Nordic Backup is the best option to keeping your data secure. With cloud backup, your data will always be safe, retrievable, and ready to restore when you need it. Our end-to-end encryption, unlimited version histories, secure data centers, and more keep your data exponentially safer than any free online cloud storage website.