Storage devices

How are my files secured?

Storage devices

  • Files are never transferred over the Internet, so there’s no risk of someone sniffing your network traffic
  • Some storage devices provide built-in hardware encryption
  • Two-step verification is not common for storage devices
  • Files cannot be deleted from a lost device
  • Certain types of storage devices are prone to data corruption
  • Malware can be installed when inserting an unknown device into your computer
  • A storage device-based file sharing solution can take place entirely behind your firewall

Dropbox

  • Dropbox encrypts network traffic with SSL/TLS
  • Documents are stored using 256-bit AES encryption
  • Two-step verification capability included
  • Integration with most SAML-based SSO providers
  • Files can be deleted from a lost device with remote wipe with Dropbox Pro or Business
  • Dropbox’s infrastructure follows an n+2 availability model and allows for 99.99% durability
  • Dropbox is accessible right from your computer or the website, removing the risk of malware from external devices
  • Dropbox works with most corporate firewalls, but it cannot be placed behind your company’s firewall

Sharing files with storage devices avoids many of the issues associated with the Internet, but it introduces other vulnerabilities. Most companies don’t implement a formal policy when it comes to handling their storage devices. This often results in a lot of thumb drives, SD cards, or external hard drives laying around, making it very easy to mix them up or misplace them. If they happen to contain sensitive documents, this can become a serious security issue.

In addition, certain types of storage devices are prone to data corruption. For example, inexpensive thumb drives have a limited number of write/erase cycles, which means that eventually the memory will fail, and you might not be able to access your documents. Removing a device without safely ejecting it can also corrupt data if an application was writing to the device.

Dropbox helps alleviate these concerns. It formalizes your company’s file sharing by putting everything in a Dropbox folder on your desktop instead of scattering your documents across different storage devices. It also removes the need for you to maintain and back up hardware, ensuring your data won’t be corrupted. Finally, to address the security problems associated with sending data over the Internet, Dropbox encrypts your documents at rest, as well as while they’re being transmitted between you and us.

For more information on Dropbox security, please see the Dropbox Business Trust Guide.