<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=1678611822423757&amp;ev=PageView&amp;noscript=1">
Defrag This

| Read. Reflect. Reboot.

Despite Increased Focus on Security, Dropbox Still Lacking

Ipswitch Blog| September 17 2015

| security

dropbox-security-issues
Earlier this year we warned of fake Dropbox emails that urge users to click on emails labeled as “urgent and highly confidential” documents. Those that followed these instructions were quickly added to the list of victims of a highly-effective phishing scheme as the redirect was to a false log-in page designed to capture user credentials. As our own Alessandro Pooro said at the time, “Dropbox is vulnerable to these common attacks as it was not originally designed with enterprise security in mind.”

It’s no secret that phishing campaigns against Dropbox users have spiked recently as cyber-criminals have identified this as a weak link in the security chain. Sensitive corporate and personal data is often contained throughout these accounts but are not subject to the same protections and level of vigilance as data on the corporate network.

In an effort to combat this, Dropbox has announced that they are turning to USB-based security keys to improve log-in security and better protect users from phishing attempts. Physical security keys are viewed as stronger than smartphone-based two-factor authentication solutions as the latter still exposes the user to the risk of being directed toward a fake Dropbox site designed to phish their password and verification code. However, using this type of file sharing service to share sensitive information is still wrought with risk and uncertainty.

Because information on Dropbox is stored rather than moved, it represents a “soft” target for hackers long after the information has been shared and forgotten about. Instead, users should consider a managed file transfer (MFT) solution that protects sensitive files before, during, and after transfer with guaranteed delivery. With the highest levels of encryption and a range of customization options, MFT is the safest and easiest way to exchange sensitive information.

 

Topics: security

Leave a Reply

Your email address will not be published. Required fields are marked *

THIS POST WAS WRITTEN BY Ipswitch Blog

Free Trials

Getting started has never been easier. Download a trial today.

Download Free Trials

Contact Us

Let us know how we can help you. Focus on what matters. 

Send us a note

Subscribe to our Blog

Let’s stay in touch! Register to receive our blog updates.