As with so many things on the cloud, Dropbox has security issues that seem to continue. Security Measures On Dropbox are not want you want to hear about when important information and data are being saved on files through Dropbox and other software. The biggest concern is that many understand the security issues that Dropbox has and are using the server for storing highly sensitive information regardless.
Password Security Compromised
One of the issues that Dropbox has faced recently was an attack in which the passwords of users were compromised. The passwords were not only stolen, but they were published for other hackers to have access to the different accounts. This meant that the affected accounts were vulnerable to attack from several different parties.
It should be mentioned that even a secure file sharing program is vulnerable to attack these days. LinkedIn, Zappos and several other sites have been victim to hacker attacks in which personal data was stolen and used for devious purposes. However, it is not about the risk that is posed in the first place, but what the service is willing to do in order to fix the problem.
Minimal Fixes Do Not Solve the Problem
The solution Dropbox came up with was simply not enough to protect all users. They reset the passwords for just those who were affected by the hackers. This is great for those who have already been affected, but it does not address the security concerns of the rest of the users that haven’t turned to secure file sharing programs like R/Link by Rocket Software.
According to Rob Sobers, LinkedIn followed a similar path and it does not address the overall security concerns. After all, the stolen passwords Dropbox knows about may only be the tip of the iceberg. It is important to take greater steps to assure that the rest of the users are safe. This is what Zappos did when their security was breached. It was a bit inconvenient for all the users to reset their password, but in the long run, it is better than apologizing for not taking measures that actually mean something.
Even More Unsettling News
In addition to the information about the hackers stealing information about accounts, there are news reports about an employee at Dropbox storing customer data in a personal Dropbox account. This leaves the data even more vulnerable to being accessed by hackers. The concern lies in the fact that the Dropbox employee who stored the customer data in their Dropbox folder may also re-use their password.
The security risks at Dropbox are supposed to be addressed now with more updates to the security system thanks to two-factor authentication, strange behavior resulting in automatic alerts, and account access being available in an audit log. Whether these new security measures will be enough to provide security to those using Dropbox has yet to be seen. Until then, it is a good idea to be wary of anything being used on Dropbox and not to store anything there that needs to be secure.