Security News

<< Next Post - Previous Post >>

Dropbox in the Enterprise

In the never ending story that is more issues/concerns with Dropbox, there is an interesting article discussing the recent changes of Terms and Conditions with using Dropbox:

TechRepublic Post

In a nutshell, Dropbox is trying to protect themselves with what they do and can do with your data hosted in their data centre. So it means granting Dropbox and those they work with“worldwide, non-exclusive, royalty-free, sub-licensable rights to use, copy, distribute, prepare derivative works “ from your data.

The TechRepublic article stresses that it is already the case with sites such as Facebook. There is however a big difference. Facebook is mainly used for social content, personal “stuff” (to use Dropbox’s term). Dropbox is not only used for personal “stuff” but also for professional “stuff”.

It sounds as if Dropbox could now use anyintellectualproperty stored on their servers. I am not sure many companies who have users syncing work related documents would be very happy with sharing it to the world.

So, to add to the data leakage risks related to the previous security issues there is a new data loss concerns with Dropbox. Not only do they have the keys to your data but you must agree they can use/reuse it how they see fit.

This raises the question if Dropbox is fit to be used at an enterprise level. From all the above, clearly not. If their claim of having 25 Million users is true, then there is bound to be sensitive information on their servers. If hacker groups go after the likes of Dropbox, they would not target just one company, instead they would impact many.

Dropbox could just be the perfect modern Trojan horse, while companies are busy securing their perimeter they could be loosing control of their data being stored outside those defences.

<< Next Post - Previous Post >>