Skip to main content

Dropbox information security

Learn how Dropbox's advanced IT security management helps protect your sensitive information from unauthorised access, phishing, data breaches and new threats.

Woman with medium skin and grey hair is wearing a security badge on a lanyard around her neck. She stands between two aisles of shelves filled with archival records. There is a glass plane pulled aside with a security badge reader in front of her. She is pulling out a record

How Dropbox protects your information

Team access controls

Employee access to data is granted based on role-based access control, and all access requires layers of authentication that includes strong passwords, SSH keys, 2-factor authentication and one-time passcodes.

Infrastructure security

Our underlying infrastructure is designed with modern security concepts like defence in depth. Our security controls are tested extensively by our own security team, third-party testers and through an industry-leading bug bounty program.

Change management

The Dropbox Engineering team’s Formal Change Management Policy ensures that changes have been authorised prior to implementation into production environments.

Content and data controls

Dropbox safeguards your content with document watermarking, granular content permissions and policies, document watermarking and legal holds.