Dropbox has grown from a simple cloud-sync service to a robust cloud storage solution in such a short time. It now serves both individuals customers and business users. The cloud service has grown significantly since its foundation in 2007.
It is a frequent target for hackers because of its popularity. Additionally, Dropbox users save different types of files in its cloud storage. Some even have personal data and sensitive information in their accounts. It catches the interest of cybercriminals. Several questions now arise from some concerns users.
Is Dropbox Safe for Confidential Files?
Files in the cloud are susceptible to a lot of threats. Dropbox, being a cloud storage service, does not escape these issues. A concern about file access, whether personal or public, was important during the early versions of Dropbox. However, even today, experts still see data breaches, system vulnerabilities, and shared technology weakness as some of the top security threats for 2018.
One concern is transmitting the data over a network during sync. Hackers can “sniff” data over a network. Sensitive information syncing over a network, especially a public network, is in danger of sniffing. It is notably easier to gather data if there’s a malware installed on your system.
Dropbox implemented several protection in place during the transmission of data. It uses Secure Sockets Layer (SSL)/Transport Layer Security (TLS). It protects the data in transit between Dropbox applications and its servers. SSL/TLS creates a secure “tunnel” which is protected by 128-bit or higher Advanced Encryption Standard (AES) encryption. Hackers who are listening will not decrypt the data over the network.
So, files in transfer during sync get the security of SSL/TLS. How about files which are already on the servers?
Files in the cloud are encrypted using 256-bit Advanced Encryption Standard (AES). That means the files are not accessible by non-account owners. AES uses sophisticated algorithms to encrypt data using ciphers. Only the secret key can decrypt the files in the server.
Additionally, users have full control over how they share their files. A person can access public data on the server with the specific link to the file or folder. That means it will not turn up accidentally in search engines. Moreover, users have the option to implement a two-step verification. It further protects accounts from hacking. The extra layer of security guards the entire account.
Is Dropbox a Good Backup against Ransomware?
Dropbox has been a favorite way to backup files. It is very different from actual backup services. But, its flexibility and syncing capabilities make it an attractive solution.
Nowadays, ransomware attacks are getting worse. In 2017 alone, ransomware attacks a company every 40 seconds. Ransomware is becoming a popular choice among hackers as well. Malwarebytes reports that about 60% of malware payloads from phishing and other attacks are ransomware. Data is an essential asset for an individual or a company. It may also directly affect their financials.
Could you use Dropbox as a backup? Well, the answer is both a “yes” and a “no.” Dropbox and its applications cannot differentiate between ransomware encrypted files and regular files. It may also sync other malware infected folders and data to the server.
Luckily, Dropbox keeps older versions of your files. Its servers keep the previous version each time you send a request to sync new versions of your data. Free accounts have versions of files within the past 30 days. A more extended version coverage is available for a fee.
You can recover your unaffected files from Dropbox easily. However, there a few points to remember. You should know when the infection started. Dropbox syncs any data in its folder and apps whether it is encrypted or not. You should also make sure to clean your system before restoring the files. Additionally, it is a good idea to install and run an anti-malware program such as MalwareFox. It is to make sure that Dropbox is not syncing any malware on your system.
What if I Lose My Data?
Data loss is a typical concern even with traditional servers. It is, even more, a concern with cloud storage solutions. Dropbox is no stranger to glitches which caused significant loss of data. Users reported that hackers delete their files from online accounts and sync devices in 2014. Apparently, it is caused by errors in code in Dropbox’s Selective Sync app.
Dropbox has fixed any vulnerabilities which caused data loss. It creates logs in case your file is moved or deleted. You can check this log if your file is missing. Additionally, Dropbox apps notify you of deleted files. You can follow these suggestions if you find your files missing.
Moreover, you can still take advantage of the file version history described above. File versioning is also in effect after deleting a file or folder. Take note of the 30-day period. Again, you can extend this depending on your account type. You can quickly restore and download missing or deleted files in your account.
Protect your Dropbox Account and Files
Part of the issues with file vulnerabilities in cloud storage roots from user behavior. You have to take extra steps to protect your files in Dropbox. Additionally, you have to protect the devices syncing on your account too.
Here are some few tips to protect your Dropbox account and files:
- Change your password regularly. Use strong passwords with alphabets, numbers, and special characters.
- Check the IP address of the last known device connected to your account. It is useful when you suspect that someone has access to your account. This option is accessible in Dropbox Security settings.
- Manage and unlink devices, web sessions, and apps. You should know what devices your account has link to. Additionally, check which applications are using your account.
- hand-o-rightSet-up two-step verification. It proves to be an excellent extra layer of protection. It protects your account from unauthorized login attempts.
Dropbox is continuously improving its software architecture and hardware infrastructure. There are hiccups along the way. However, it is safe to consider it as a safe cloud storage option.
You should note that you still need to make extra effort to protect your files. User behavior is the leading cause of most attacks. Knowing what threats to look out for is a good start. Additionally, your security suite should be in place.