Table of Contents
When a product becomes a common verb, you realize how popular it is. Dropbox, with 700 million registered users and $1.91 billion in annual revenue, is synonymous with file sharing. We’ve all “Dropbox-ed” a document or file, haven’t we? But do you also use Dropbox as a backup system in your organization? After all, it is a convenient and secure way to store our files and folders. But is Dropbox reliable as a backup system? In this Dropbox data protection guide, we analyze the pros and cons of using Dropbox as backup, along with pointers and best practices to protect your valuable Dropbox data.
Using Dropbox as a Backup System
Dropbox is an invaluable tool for file sharing and collaboration, which also doubles as a cloud storage solution for files and folders. It provides users with the ability to back up any file of any size by simply dragging and dropping it into their Dropbox account. The file will then be encrypted, automatically stored on Dropbox’s servers, and accessible from anywhere with an internet connection. If you ever need to retrieve your file, even from another device, you can do so by logging into your Dropbox account in a flash. This may seem that Dropbox can double up as a decent cloud backup option in addition to it being a cloud storage solution.
Disadvantages of Dropbox as a Backup System
Let’s first understand what cloud backup and cloud storage are meant to deliver. Cloud backup systems are intended to store an encrypted copy of data on the cloud for easy and timely recovery from any point-in-time. Cloud storage systems on the other hand work on the basis of synced file sharing – it essentially ensures that your offsite cloud storage is a replica of your mapped local drive. We’ll now map the must-have requirements from a robust backup system to what Dropbox can provide.
- No-Integrity Backup: While Dropbox encrypts the data and it is stored on the cloud, it works on the principle of synced file sharing, thus making the data open to change. Any change to a document on a local drive – modification, deletion, addition – will be synced to Dropbox’s copy. Thus the integrity of your backed up data is not maintained.
- Time-bound Recovery, Limited Retention: The primary aim of backup is accurate recovery from data loss. A reliable backup solution should allow you to restore your data from any point-in-time. Now, say a file has been accidentally deleted or a disgruntled employee corrupted a bunch of important file. However, your colleagues only realize it after a few months. Well, Dropbox has a 30-day retrieval window for its Basic or Plus accounts, and a 180 day grace period for Professional or Business account holders. If you’ve missed that deadline, your data is permanently deleted. Or as Dropbox puts it, “Deleted files are marked for deletion in our system and are purged from our storage servers. They can no longer be recovered”.
- Incomplete Data Protection: Dropbox will only backup the data that you ask it to, and will only support certain applications like Microsoft 365 or Google Workspace. This leaves a substantial portion of your data unsecured and vulnerable to data loss. An efficient cloud backup solution should comprehensively backup all your files and folders across multiple applications that it is supposed to backup.
Dropbox Data Protection and Security Best Practices
While Dropbox has best-in-breed security credentials, as per the Shared Responsibility Model, the onus of protecting your data from problems at your end lies with you. This is not a one-off case. 1 out of 3 companies have lost SaaS data and 2 out of 3 companies have been targeted by ransomware. Here are a few data protection best practices for Dropbox (For further details with screenshots read our blog: How to Secure Dropbox Data)
- Implement Secure Authentication: Mandate multi-factor authentication (MFA) as a standard practice across all user accounts. You have a choice of receiving the code via text or an authenticator app. Here is Dropbox’s MFA help manual to get started.
- Monitor Dropbox’s Usage:Staying vigilant is essential for protecting your account from any illegal activity. You can check the usage of your Dropbox at anytime by logging into your Dropbox account. Here, you will be able to see everything that has been uploaded or downloaded in a month, week, or day period. Also available is data on which browsers have accessed your account recently – ensuring that no one else is abusing it without permission.
- Limit Access, Delist Unnecessary Devices: Limit access to Dropbox on a strict need-to-know basis. Keep checking your Security settings for accounts and devices that you do not recognize and revoke access or delist them.
- Consider Additional Encryption: Dropbox encrypts your data. However, for particularly sensitive data consider additional encryption such as a full disk encryption tool like BitLocker or a VPN service.
- Backup Dropbox: Secure your business-critical Dropbox data with an additional level of security with third-party backup. In addition to Dropbox backup mitigating data loss with unlimited recovery, it also ensures that your compliant with data regulatory laws like the GDPR, HIPAA, CCPA, and the like that mandate “demonstrable recoverability”.
Secure All Your Dropbox Data With CloudAlly
Our Dropbox Backup solution provides encrypted, secure, and immutable backup on AWS S3 storage for all of your Dropbox data and metadata. Reduce downtime and recover ASAP with unlimited retention and recovery from any point in time. Plus our solution protects multiple SaaS platforms including Box, Microsoft 365, Google Workspace, and Salesforce.