Security – What security risks are there with employees using Dropbox

backupdropboxfile-sharingSecurityversioning

Are there any particular security concerns to keep in mind with company-wide use of Dropbox file sharing / versioning / backing up, and are there specific options or settings that would be recommended to limit the risk?

Best Answer

It depends on your business and your level of paranoia. It's much safer, albeit more expensive, to issue laptops with a VPN connection.

Real quick...

Some Risks:

  • Former employees potentially have access to business data after employment has been terminated. You as the business MUST be in control of the accounts if you don't want some disgruntled employee to have access to things after getting fired...
  • These services would bypass any automated document retention mechanisms you have in place which adds another area for you to manually cover for document retention

Recommendations:

  • Make sure you can generate your own encryption key(s) for storing the data and that the key(s) are not shared with the service provider
  • Make sure your data is encrypted BEFORE it gets sent to the service's repository
  • If you are going to let individuals have their own account then have a single point of contact for your company. Coordinate all accounts through this person (or a couple of people as proxies). Or make sure that the provider supports business accounts that you can somehow group employees under.
Related Topic