Is Dropbox really safe?

January 14, 2016, Guest Author
Password & security

Dropbox has grown to become one the largest file sharing and cloud storage solutions online for both businesses and for individuals. Due to this, it has become a main target for hackers and other cyber criminals who try to either exploit it for profit or steal large amounts of user data for ransom or unauthorized use.

It is Dropbox’s responsibility to respond to these various threats and assure customers that their data is as secure as it would be inside of their own hard drive, or better. It is also the users’ responsibility to do their part to keep their account information safe. More often than not, it is the user who makes a mistake and gives up valuable data that can lead to problems down the line. sp_dropbox-Jan-14

Here are some things that you should know about Dropbox and its security:

Reviewing the Basics

Dropbox is an application just as any other, and for it to be secure, you have to be secure in your use of it. The first thing that you need to consider is that Dropbox requires a username and password for each account, sometimes linked to other accounts. Should these accounts be compromised and someone get ahold of your password, you could quickly discover that all of your files have been deleted or copied onto someone else’s hard drive. You need to keep your passwords strong and safe, but you also have to recognize some of the potential pitfalls of the system before deciding to rely on it.

While Dropbox might seem like a simple system to use for most people (and it is, at a basic level), you should know that to truly be confident in your security you also need to know some details of how the system works. You might be the only person at your Dropbox-utilizing company who will notice a grave error that could lead to a large data breach. You need to know the details of who can access which files, so you can keep tabs on your sensitive information.

Previous Scandals and Breaches

The other major consideration for the safe use of Dropbox is the fact that the company doesn’t have the most sterling reputation when it comes to protecting customer data. While many reports you hear of a breach or problem are likely the cause of a user error, there are a couple of incidents in public memory that stick out.

They have changed their privacy policy in the past in order to loosen the restrictions on with whom they can share your data or information gleaned from your data. It is not as bad as some software or applications, but not what you are looking for in a safe storage method.
There was a bug in an update for their desktop client that meant that some files were deleted instead of being copied over. This is nearly as bad as having the files stolen and suggests that Dropbox did not do enough testing prior to release.
There was a major problem for Dropbox when Intralinks discovered an exploit in the system which involved private links and consumer privacy. Dropbox stated that it wasn’t a problem. However, it was a significant problem, and to make matters worse, customers were not notified.
Here, it should also be noted that an incident that made headlines when hackers threatened to have 7 million passwords held ransom has been proven to be false. It has since come out that most of those passwords were expired and not from Dropbox.

The Danger of Public Networks

There is another major problem with Dropbox and other similar services that you should be aware of, and that is the use of public networks for uploading or downloading files. The problem is that these networks are notoriously unprotected, and hackers like to prowl them in order to intercept data much like a radio would catch broadcast signals. This data can include files, other personal information or most alarmingly your passwords and usernames to any services you use. This means that in a minute or two you could lose everything to a hacker you never knew was there, and then have to deal with the consequences over the following months.

The usual security methods don’t protect well against such attacks, but there is an excellent defense should you still want to consider using the service in public. It is called a Virtual Private Network (VPN), and it will connect your device to an offsite secure server which will mask your IP address. It also bestows the benefit of an encrypted connection so that hackers won’t be able to see a thing you’re doing, much less intercept your Dropbox files. A VPN can also block out government censorship and surveillance, allowing you greater privacy in the rest of your internet use as well.

Not all VPNs will act alike, however, and some don’t live up to the task. You need to make sure to invest in the best VPN available in order to safely use Dropbox on a public network. You will want one that does not throttle your connection, has the highest grade of encryption available, and can access many different countries for the sake of your privacy.

Who Do You Trust?

Since Dropbox is as much a sharing platform as it is a storage solution, you have to rely on other people to be as security-minded as you are if you want to consider Dropbox a safe solution at all. Think of your co-workers and family members who also use the service. What are their internet security habits like? Do you trust them enough to treat your data with the same care as you would?

You cannot avoid human error. Studies show that 95 percent of major data breaches occur because of mistakes we humans make, and no amount of training or caution will prevent every last slip up. If you want to consider whether Dropbox is safe, you have to consider more than just the application itself. On those grounds, neither Dropbox nor any other service is entirely safe. You can, however, mitigate the risk by only sharing with people you truly trust. If you are just using it for yourself, then with the right precautions Dropbox is acceptable.

Dropbox has been around for a long time now, but that doesn’t mean anything in the fast-paced world of IT security. You need to review the facts and decide whether you want to continue to use Dropbox considering how much it values your security.

How will this change your use of Dropbox? Will you still use it at all? Share in the comments below.

About the author

Cassie Phillips is an internet security enthusiast who likes to show people that just because you think you can trust a company or program, you still need to be careful.