Dropbox Security Tips to Know in 2020
When it comes to security, Dropbox does make quite a few tall claims and rightly so. As your data is being transmitted between Dropbox app and its servers, it is encrypted by SSL and TLS and safeguarded by AES (Advanced Encryption Standard) encryption. Furthermore, upon reaching the Dropbox’s server, 256-bit AES is used to encrypt data which is a sophisticated and recognized standard.
Hence, without an encryption key, data cannot be accessed. Later, the data is again transmitted over an encrypted channel while the information is synced with all your devices and then decrypted as it is stored on your PC or smartphone. Having said that, let us discuss the security loopholes that Dropbox can be subjected to and some tips of avoiding them and keeping your data safe and secure:
SECURITY LOOPHOLES
Although encryption efficiently does its job of keeping your data protected but nevertheless, it isn’t a foolproof security feature. A few of Dropbox’s trusted employees have access to encryption keys that can be used to unlock and access your data. As horrible as it may sound, the likelihood of employees getting berserk is quite low. However, the fact of the matter is that your data can be a victim of employee error- for example, a security breach has been recorded in the past when an employee mistakenly used the company password on some other website leading to users’ data leaks.
Furthermore, Dropbox is liable to provide access to the data of its users to government agencies in case of a formal request from the government. But Dropbox makes a point to inform the user whose data is being requested, unless legally prohibited to do so. Moreover, Dropbox also investigates the request and resists where appropriate. More information can be found here.
Hence, keeping the issue of your privacy and data security in view, we have compiled a list of some tips that you can follow to ensure that your data stays secure at Dropbox.
- Mobile Phone Verification:
It is a smart idea to turn on the feature of Two-Step-Verification, a feature that sends a unique code on your mobile number, if an unknown device attempts to access your Dropbox account. This code must be entered to gain access to your account; otherwise it’ll remain locked, thereby protecting your data. To avail this feature, go to Settings -> Security -> Two Step Verification
- Unlink Older Devices:
For better security, it’s always wise to unlink all devices from your Dropbox account that you have used to log-in your Dropbox account at some point in the past but aren’t in your use anymore. To avail this feature, go to Settings -> Security-Devices
- Use Strong and Unique Password:
As for all other applications, it is strongly recommended to use a strong and unique password for your Dropbox account as well. A strong password refers to the password that is hard to crack, ideally a combination of alphabets, numbers, and symbols. It is also advisable to change your password from time to time.
- Connected Applications:
When you connect to Dropbox through a third-party app, it means that you have given permission to that app to access your data. Luckily, you can revoke permission to any/all apps whenever you want. All the apps connected to Dropbox can be viewed by going to Settings -> Connected apps.
- Web Sessions:
In case you suspect that your Dropbox account is being used elsewhere, you can go to Settings -> Security -> Web Browsers to check all the active web sessions and make sure that your account isn’t logged-in from an unknown device.
- Virtual Private Network (VPN):
Dropbox can track your location through your IP address that pinpoints your geographical area. If that makes you uneasy, you can use Virtual Private Network (VPN) that hides your actual IP address by redirecting your browser to a server on a VPN instead of a public server.
NOTE: If at any point while using Dropbox, you do feel that you have become victim of a cyber-attack and your account has fallen into the hands of hackers, you can report directly to the Dropbox support team. Apart from that, any other kind of security bugs can be reported to third-party service HackerOne.
Stay cautious! Stay Safe!
Raza Ali Kazmi works as an editor and technology content writer at Sorcim Technologies (Pvt) Ltd. He loves to pen down articles on a wide array of technology related topics and has also been diligently testing software solutions on Windows & Mac platforms.