Dropbox users got some scary news in recent weeks when it was revealed that due to the recent Dropbox hack, the logon credentials of some 68 million users are available for sale on
the Dark Web.
That gigantic number reflects the fact that Dropbox and other consumer-grade file sync and share services are wildly popular these days. They’re easy to use, relatively inexpensive and readily available. Millions of consumers use the free Dropbox to host their personal files, documents, pictures, videos, and to share files with friends and relatives.
Of course, many of these same consumers also use Dropbox for work purposes, often without their employer’s knowledge or consent, for the same reason: access files from any device and sharing them with colleagues, customers and vendors.
Consumer-Grade Sync & Share: A Problem For Business
That highlights a problem for businesses with employees using consumer-grade Dropbox. This is not the first time a Dropbox breach has been in the news, and it’s unlikely it will be the last. Dropbox is a massive, attractive target for hackers. The compromising of user credentials is a headache for consumers, but its impact on businesses can be much more severe. Using stolen usernames and passwords to gain access to sensitive business information, hackers can put a business at risk for regulatory compliance violations, damage to brand and reputation, loss of sensitive employee, customer, partner or patient information, theft of intellectual property and other financial harm.
A Simple Conclusion
The conclusion is simple: consumer-grade file sync and sharing services are not appropriate for use in business. With higher-value data at risk, businesses need to assert a “no consumer-grade Dropbox” policy for users doing company business from their devices, and instead implement
enterprise file sync and share solutions with commercial-grade security features. That includes mechanisms to ensure safe employee file sharing as well as the ability to define and enforce fine-grained policies to defend against unauthorized access and provide logging and reporting for regulatory compliance purposes.
On-premises solutions like
Acronis Access Advanced and cloud solutions hosted by trusted service providers like
Acronis Files Cloud are readily available and worth checking out. In the meantime, keep consumer-grade services like Dropbox out of your business environment. You and your colleagues don’t want to find yourselves among the next 68 million users to be breached.