Five Reasons Why Using Dropbox Puts Your Business at Risk

As a way for friends and family to share information, or simply to catalogue your digital photo files, Dropbox is a superb resource.

dropbox security


It’s simplicity, openness, and ease of use makes it the perfect tool for sharing. However, the very things that make Dropbox an easy way to distribute information, also makes it a potential liability for business users.

Here are five good reasons why your business should not be entrusting your sensitive data to Dropbox:

  1. Risk of Data Loss

Because Dropbox was designed for the average user and was not intended specifically for business, oversight controls are much less stringent than true enterprise data management systems. One of the primary concerns with Dropbox is that any device with an instance of Dropbox installed can access your corporate Dropbox account and synch all your data without your IT Admin even knowing.

This means that an employee can be walking around with your critical data on an non-secure laptop or tablet. Even if they have no intention of causing the firm harm, your data is now at risk.

  1. Potential for Data Theft

Last fall, hackers claiming to have over seven million Dropbox usernames and passwords leaked some of this data to the internet threatening to release more unless they were paid a ransom. Dropbox denied their servers were hacked in this case, placing the blame instead on other services to which Dropbox provides access.

But that is the problem: because there are so many possible points of entry into Dropbox, the potential for a malicious attack is very high.

  1. Dropbox Fails to Meet Compliance Requirements

Most industry regulators – and indeed many corporate compliance polices – require all data files to be maintained for a prescribed period of time. Typically, access to certain files must also be restricted to only approved individuals and in both instances, Dropbox falls short. This is because Dropbox does not allow you to set user-level read and write privileges so access to data in a Dropbox folder is either all or none.

  1. Lack of Robust Data Encryption

Dropbox has very limited data encryption capabilities that fall well below the standards of typical corporate data management systems. While this may be adequate for storing non-critical files, it is not sufficient for sensitive client data.

  1. Lack of File History Audit Trail

Because Dropbox does not provide an audit trail identifying users that accessed a file, it is not possible for IT Administrators to know when a file was modified or deleted. This can make it very difficult to enforce proper file versioning controls and protect data.

The attraction to Dropbox is understandable; it is very low-cost and provides the ease of accessibility that is the hallmark of cloud storage facilities. Having said that, there are better alternatives to safe-guard your data while still providing all the benefits the cloud has to offer.

Have questions about Dropbox for your business?  Give your team of cloud experts a call today.  We are here to make sure your business is completely safe.