+

Cookies on the Business Insider India website

Business Insider India has updated its Privacy and Cookie policy. We use cookies to ensure that we give you the better experience on our website. If you continue without changing your settings, we\'ll assume that you are happy to receive all cookies on the Business Insider India website. However, you can change your cookie setting at any time by clicking on our Cookie Policy at any time. You can also see our Privacy Policy.

Close
HomeQuizzoneWhatsappShare Flash Reads
 

Is Dropbox secure? Here's how Dropbox has improved its security measures, and what you can do to protect yourself

Mar 5, 2021, 03:17 IST
Business Insider
Dropbox is a cloud storage and file hosting system that has previously received backlash over security concerns.Soumyabrata Roy/NurPhoto/Getty Images
  • Dropbox is secure thanks in part to its 256-bit AES encryption, but the service has been hacked in the past.
  • Because Dropbox is relatively secure, the largest vulnerabilities are often the end users and their security hygiene.
  • To be safe, you should enable two-factor authentication, be wary of public folder sharing, and consider using file-level encryption.
Advertisement

Dropbox is one of the most popular cloud storage solutions in the world, supporting more than 14 million paying customers as of December 2019. Like most online services that have a long history dating back to the early days of the web, Dropbox's past includes hacks and data breaches.

The most infamous incident included the theft of more than 68 million account credentials in 2012 (hackers tried to sell this data in 2016), and the hack led to the company resetting passwords for millions of accounts in 2016.

How Dropbox has increased its security level

In the years since, Dropbox has shored up its security substantially. Today the service's 256-bit AES encryption and support for additional security tools like two-factor authentication is competitive.

Dropbox's security is bolstered by 256-bit AES encryption.Dave Johnson/Insider

The service authenticates all user connections to the server, whether it's via a web browser or mobile app, and Dropbox uses Secure Sockets Layer (SSL)/Transport Layer Security (TLS) to protect data as it moves between Dropbox's users and the servers.

Moreover, Dropbox routinely tests its own hardware, software and processes for security vulnerabilities, and makes sure to alert users if Dropbox detects an attempted login from a new device or location. There have been no known large-scale hacks on Dropbox since 2012.

Advertisement

How Dropbox may be vulnerable

"Their current encryption standards make the odds of a hack less likely, but no cloud-based solution is completely safe from new and emerging threats," said Kristen Bolig, founder of SecurityNerd.

Aside from the risk of an attack on Dropbox itself, one of the most dangerous vulnerabilities is on the user end of the Dropbox experience. Users - especially corporate customers - routinely face phishing attacks and social engineering attacks designed to trick people into giving up credentials and access to accounts.

And not all security concerns originate with hackers and criminals. Dropbox's user base crosses international boundaries, and Dropbox may opt to share user data with government agencies and law enforcement from time to time - the service has formal guidelines that dictate its behavior based on official requests.

How to protect yourself as a Dropbox user

All that means your risk of a data breach with Dropbox is low, but not zero, and there are steps you can take to ensure your own security.

Chris Hauk, consumer privacy advocate with Pixel Privacy, recommended enabling Dropbox's two-factor authentication. "This ensures that if a third-party attempts to log into your Dropbox account, you will be notified via email or text message."

Advertisement

Important: You can enable two-factor verification on your Dropbox account by logging into your account through your account's security page, sliding the switch to enable the feature, and customizing your preferred methods of verification.

Two-factor authentication is an easy step you can take to ensure Dropbox remains secure.Dave Johnson/Insider

Simple human error is also a risk - Dropbox allows users to store files in easily exposed public folders, for example, so it's important to be careful about where files are placed.

And for the ultimate in security, both from accidental public folder disclosures as well as hacks, security experts like Security.org's Chief Editor Gabe Turner suggest using file-level encryption on important files stored on Dropbox. You can encrypt and password-protect documents created in Microsoft Office, for example, or with a third-party app.

This eliminates the risk of Dropbox itself accessing your files with the company's own encryption key or handing your information to government authorities.

Important: Make sure your passwords are complex and difficult to uncode, and create different passwords for different services to prevent a large security breach from happening. It's also critical to change passwords periodically in case a situation similar to the 2012 Dropbox hack happens again, for example.

Advertisement
'What is Dropbox?': How to use the cloud-based file-storage service for collaborationHow to upload files to your Dropbox account from a computer or mobile deviceHow to create a folder in Dropbox to keep your files organized on a computer or mobile deviceHow to uninstall Dropbox on a Mac computer in 4 easy steps
You are subscribed to notifications!
Looks like you've blocked notifications!
Next Article