How are my files secured?


  • FTPS and SFTP encrypt network traffic with SSL/TLS/SSH
  • Files are unecrypted by default. Encrypted storage requires third party software.
  • The FTP server must be secured and maintained by your IT department
  • On-premises FTP servers must be backed up by your IT department
  • Two-step verification requires third-party software
  • Files cannot be deleted from a lost computer or mobile device
  • On-premises FTP servers can be protected by your company’s firewall


  • Dropbox encrypts network traffic with SSL/TLS
  • Documents are stored using 256-bit AES encryption
  • Integration with most SAML-based SSO providers
  • You don’t need to worry about server security settings or maintenance
  • Your documents are automatically backed up in the cloud
  • Two-step verification comes built-in
  • Files can be deleted from a lost device with remote wipe

FTPS and SFTP protect your data while it’s in transit to the server, but that’s about as far as they go towards securing your documents. You still need to take additional security measures like installing software patches, enabling autobanning/logging/disk quotas, and controlling access to the physical server. In addition, a proper backup scheme requires your IT department to make periodic copies of the server and store them off-site.

For many teams, it’s much easier to outsource your file sharing security to a cloud-based solution. Dropbox takes care of encryption, software maintenance, physical security of its data centers, and backups. In addition, it offers security features like two-step verification and remote wipe. Dropbox also complies with several industry standards and is independently audited, so you can trust that your data is secure.

For more information on Dropbox security, please see the Dropbox Business Trust Guide.