Dropbox is used by over 700 million users across 180 countries and holds the business-critical data of over 600,000 teams. With instances of SaaS data loss rising (it impacts 49% of companies), securing your Dropbox SaaS data can mitigate the risk and minimize the damage. Dropbox has world-class security constructs in place, but it has not been immune to breaches. In the past, email credentials of 68 million users were leaked, users’ Dropbox files were publicly indexed on Google, users’ deleted files were kept on its servers for years, and more.
So how do you secure Dropbox files, particularly your business-critical Dropbox data? We list four practical ways to secure your organization’s Dropbox data and ensure business continuity if and when malware, ransomware, breaches, accidental/malicious corruption, or downtime strikes.
Is Dropbox Secure? How Does Dropbox Secure Your Data?
Yes, Dropbox is stringently secure, adopting industry best practices. As it states, “At Dropbox, the security of your data is our highest priority. We have a dedicated security team using the best tools and engineering practices available to build and maintain Dropbox, and you can rest assured that we’ve implemented multiple levels of security to protect and back up your files.” Here are Dropbox’s security credentials, with key security features including encryption, two-factor authentication, regular vulnerability checks, and security updates. Dropbox data is encrypted at rest with AES 256-bit encryption and in transit with Secure Sockets Layer (SSL)/Transport Layer Security (TLS). Thus, your data travels over a secure connection between the Dropbox app installed on your device and the Dropbox servers.
However, as the saying goes, there are two types of companies: those that have been hacked, and those that don’t know they’ve been hacked. That’s why it’s important to take additional steps to secure your Dropbox data, even if Dropbox’s security measures make it unlikely that your data will be compromised. Read on for four best practices on how to secure Dropbox files.
How to Secure Dropbox Files and Data for Your Business: 4 Best Practices
#1 Secure Dropbox Authentication: MFA and Strong Passwords
One way to secure Dropbox files and data is by using multi-factor authentication (MFA) or two-factor authentication (2FA). This requires you to enter a code from your phone in addition to your password when logging in. MFA has been shown to block 99.9% of data breaches that rely on compromised credentials. This is because MFA uses a combination of a password, a security token, and possibly even biometric verification to authenticate users, instead of relying on a single factor such as a password.
If you’re not already using 2FA, we recommend enabling it for all Dropbox users in your organization. Here is Dropbox’s help manual to enable 2FA.
Lastly, have a strong password policy in place and change your passwords frequently.
#2 Monitor Dropbox: Usage and Linked Apps
Another way to secure Dropbox files and data is to monitor Dropbox usage and the apps that are linked to it. To do that, check the Account and Security tabs under Settings.
Here are some tips on how to do that:
- Monitor Dropbox Usage: It’s important to keep track of how much data is being uploaded and downloaded from your Dropbox account. This can help you spot any suspicious activity and identify any unauthorized users. You can see an overview of your account’s usage by going to the Dropbox website and clicking on the “Account” tab. From there, you can see how much data has been uploaded and downloaded in the last month, week, and day. Similarly, you can view your current web sessions to see which browsers are currently logged into your Dropbox account.
- Monitor Linked Apps: It’s also essential to keep track of which apps are linked to your Dropbox account. This can help you identify any unauthorized apps that may be accessing your data without your knowledge. You can see a list of all the apps that are linked to your account by checking the “Security” tab. From there, you can see which apps have access to your files and folders, as well as what permissions they have.
- Strict “Need-to-Know” Access: The “Need-to-Know” security principle states that a user/app shall only have access to the information that their job function requires, nothing more. If you see any apps that you don’t recognize or that you no longer use, you can revoke their access to your Dropbox account by clicking on the “Revoke access” button next to them.
- Delist Unnecessary Devices: In the “Security” tab, you will see a list of the names of the devices to which you have connected your Dropbox account. Next to each device, you’ll find information about where and when you used that device as well as when you last accessed Dropbox on it. If you no longer want a particular device linked to your account, simply click the ‘x’ next to it; doing so will delink the device and prevent anyone else from being able to access your account using that device.
#3 Encrypt Your Dropbox Files and Data
Though Dropbox rigorously encrypts your data at all times, it does not follow “Zero Knowledge Encryption”, as that makes the service significantly slower. Instead, Dropbox stores all the encryption keys for its users, though in a highly secure location with minimal access. Because Dropbox holds the keys, your data can be divulged to law enforcement agencies and/or be subject to other legal/compliance mandates.
The way out? Encrypt your Dropbox data yourself. There are a few different ways you can encrypt your data:
- Use a file encryption tool like 7-Zip or VeraCrypt to encrypt individual files before uploading them to Dropbox.
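- Use a full disk encryption tool like BitLocker or FileVault to encrypt your entire hard drive. This will encrypt all the files on your computer, not just the ones you upload to Dropbox. It protects the copies stored on your device; files synced to Dropbox are not additionally encrypted by it.
- Use a VPN service that encrypts all your internet traffic, such as ExpressVPN or NordVPN. This will encrypt all the data you upload to Dropbox while it is in transit, as well as any other data you send or receive online. It does not change how the files are stored on Dropbox's servers.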
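As an added example (not from the original article, and not Dropbox's or 7-Zip's own code), the Python code below shows the first option in practice: a file is encrypted on your device and only the ciphertext is written into the synced folder. It swaps in AES-256-GCM with an scrypt-derived key from the third-party `cryptography` package in place of 7-Zip or VeraCrypt; the `DBXENC1` header, the function names and the paths are assumptions made for illustration.

```python
# Added example: client-side encryption before a file enters the Dropbox folder.
import hashlib
import os
from pathlib import Path

from cryptography.exceptions import InvalidTag
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

MAGIC = b"DBXENC1"  # constructed container tag (assumption), not a Dropbox format
SALT_LEN, NONCE_LEN = 16, 12


def _derive_key(passphrase: str, salt: bytes) -> bytes:
    # scrypt makes offline guessing of the passphrase expensive.
    return hashlib.scrypt(passphrase.encode(), salt=salt, n=2**14, r=8, p=1, dklen=32)


def encrypt_for_upload(src: Path, sync_dir: Path, passphrase: str) -> Path:
    """Write an encrypted copy of src into sync_dir; the plaintext never goes there."""
    salt, nonce = os.urandom(SALT_LEN), os.urandom(NONCE_LEN)
    header = MAGIC + salt + nonce
    # The header is bound as associated data, so tampering with it fails decryption.
    sealed = AESGCM(_derive_key(passphrase, salt)).encrypt(nonce, src.read_bytes(), header)
    out = sync_dir / (src.name + ".enc")
    out.write_bytes(header + sealed)
    return out


def decrypt_download(blob: Path, passphrase: str) -> bytes:
    """Return the plaintext, or raise ValueError if the passphrase or file is wrong."""
    raw = blob.read_bytes()
    hdr_len = len(MAGIC) + SALT_LEN + NONCE_LEN
    header, sealed = raw[:hdr_len], raw[hdr_len:]
    if not header.startswith(MAGIC):
        raise ValueError("not an encrypted container")
    salt = header[len(MAGIC):len(MAGIC) + SALT_LEN]
    nonce = header[len(MAGIC) + SALT_LEN:]
    try:
        return AESGCM(_derive_key(passphrase, salt)).decrypt(nonce, sealed, header)
    except InvalidTag:
        raise ValueError("wrong passphrase or modified file") from None
```

The output name still reveals the original file name; rename the file first if names themselves are sensitive.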
#4 Backup Dropbox Files and Data
Even if you take all the precautions listed above, there’s always a chance that something could go wrong and you could lose access to your data. That’s why it’s important to make regular backups of your data, so you can restore it if something does happen. That is the surest way to secure Dropbox files.
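A backup only helps if the copy matches what was in Dropbox. This added example (not from the original article or any backup product) recomputes Dropbox's published `content_hash` (SHA-256 over the SHA-256 digests of each 4 MiB block) for every file in a local backup and compares it with a manifest. The manifest layout, function names and sample paths are assumptions, with the hashes assumed to come from the `content_hash` field of Dropbox file metadata.

```python
# Added example: verify a backup copy against Dropbox content hashes.
import hashlib
from pathlib import Path

BLOCK_SIZE = 4 * 1024 * 1024  # Dropbox hashes files in 4 MiB blocks


def dropbox_content_hash(path: Path) -> str:
    """SHA-256 over the concatenated SHA-256 digests of each 4 MiB block."""
    outer = hashlib.sha256()
    with path.open("rb") as fh:
        while block := fh.read(BLOCK_SIZE):
            outer.update(hashlib.sha256(block).digest())
    return outer.hexdigest()


def verify_backup(backup_root: Path, manifest: dict) -> dict:
    """Compare backed-up files with a {relative_path: content_hash} manifest.

    The manifest layout is an assumption made for this example.
    """
    report = {"ok": [], "missing": [], "mismatch": [], "unexpected": []}
    for rel, expected in sorted(manifest.items()):
        target = backup_root / rel
        if not target.is_file():
            report["missing"].append(rel)       # file never made it into the backup
        elif dropbox_content_hash(target) != expected.lower():
            report["mismatch"].append(rel)      # corrupted, truncated or modified copy
        else:
            report["ok"].append(rel)
    # Files in the backup that the manifest does not know about deserve a look too.
    on_disk = {
        p.relative_to(backup_root).as_posix()
        for p in backup_root.rglob("*")
        if p.is_file()
    }
    report["unexpected"] = sorted(on_disk - set(manifest))
    return report
```

Run it after every backup job and alert on any non-empty `missing` or `mismatch` list.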
Backup and Recover Dropbox via Native Dropbox Options
Some native Dropbox backup and recovery options include the following (read this guide for 5 Ways to Recover Permanently Deleted Files in Dropbox Business):
- Dropbox saves all your lost files for 30 days (or longer for Dropbox Professional and Business users based on their plan details). So your first step would be to recover from the Dropbox Trash Bin.
- Dropbox Rewind allows you to take a whole folder or even your entire account back to any time in the last 30 days, or longer based on your plan.
- Dropbox also offers Version History that has snapshots of all changes made to files. You can restore files by this method, but not folders.
Backup and Recover Dropbox Using Third-party Backup
CloudAlly’s comprehensive Dropbox backup provides automated daily backup (AWS S3) and unlimited retention of Dropbox folders, Team folders, files, and metadata. By securing your Dropbox data with our cloud-to-cloud backup, you can protect your company’s valuable information while also ensuring compliance with any retention policies. Furthermore, this will help to prevent both intentional and unintentional data loss while significantly reducing recovery time objectives. You can also save on license costs with support to zip and export archived Dropbox data directly to your own S3, Azure, Box or Dropbox storage.