Learn how Dropbox's advanced IT security management helps protect your sensitive information from unauthorized access, phishing, data breaches, and new threats.
Dropbox has strict risk management policies regarding user information assurance. We are committed to ongoing risk assessment and continually improving the security testing, confidentiality, and data integrity of Dropbox Business systems.
Download the Security Whitepaper
Key areas include:
Access and Authentication Requirements
Retention and deletion
Discovery and Classification
Data Loss Prevention
Dropbox safeguards confidential information assets that are stored and shared by your employees during everyday business operations. Dropbox has numerous data protection practices and security awareness protocols to keep your critical information safe. We also offer further controls that help you maintain the security of your own data.
Employee access to data is granted based on role based access control and all access requires layers of authentication that includes strong passwords, SSH keys, 2 factor authentication, and one time passcodes.
The Dropbox Engineering team’s Formal Change Management Policy ensures that changes have been authorized prior to implementation into production environments.
Our underlying infrastructure is designed with modern security concepts like defense in depth. Our security controls are tested extensively by our own security team, third party testers, and through an industry leading bug bounty program.
Dropbox safeguards your content with document watermarking, granular content permissions and policies, document watermarking, and legal holds.
Transparency is everything when it comes to building trust and protecting the rights of our users. To that end, we’re committed to being transparent about how we handle government requests for user data. Since 2012, we’ve published a biannual transparency report that makes it easy for you to see the type and number of requests we get, from where they originate, and how we respond to them.