I’m a long time Dropbox user and lover. It’s easy to use and just works. Having said that I know that many smart people say that Dropbox is not secure. Sure some of this is just “sour grapes” and competitive howling.
Jaspreet Singh, CEO of Druva, which makes endpoint security software, gives several specific reasons below why Dropbox is not secure. Some of these reasons are quite technical to understand, but overall, Jaspreet, and others, feel that Dropbox needs to be more robust and offer more security focused features to sufficiently secure.
Should you ditch Dropbox? I’m not so sure. Should you store confidential information on your Dropbox account? Maybe not. At a recent Microsoft event, an executive said that more and more companies were using Microsoft’s Skydrive due to the very reason that Dropbox was just not secure enough.
- Weak centralized administration
- No support for single sign-on like Active directory or SAML
- Can’t control/limit access to which devices can be used to access the account
- Weak encryption, and sanboxing of data between customers
- No black-listing of domains
- Can’t wipe/block access to data when user leaves the organization
- Lacking two-factor authentication
- No expiry or centralized control on links or shared data
- No visibility on what’s being shared and whome
- Missing search or API based e-Discovery integration