How Dropbox protects your content

Discover what data encryption really means, and get to know the robust security measures at Dropbox that protect your most sensitive files.

Abstract illustration of a house with a large key hole on the inside.

Here’s a little cloud storage 101: when someone says their files are stored ‘in the cloud’ they’re not actually floating around in the sky. Those vital documents and cherished photos have a home base in giant servers – the same way you’d store files on your own hard drive at home. It’s like having your own personal safety deposit box that’s accessible from anywhere. But just how secure is it? 

At Dropbox, all the important stuff you save to the cloud is protected with best-in-class security and privacy features. Here’s a peek at how those multiple layers of protection work to safeguard your most sensitive info.

Encryption rules 

We know what you’re thinking: your tax returns from the last five years and your family’s will are stored in the cloud, are those documents safe and should I worry about someone stealing my data? And the answer is no, no one can read them. You have encryption to thank for that. Dropbox encryption scrambles readable text so that it can only be read by the person who has the secret code or decryption key. What’s great about Dropbox encryption is that it’s baked into your account. It’s automated, so you don’t have to think about it or opt in.

If you do have files you want to share, you can password protect them and add expiry dates. So, if you were sharing all your secure financial information with your accountant in advance of tax season, a password and expiry date on those documents will ensure they remain private and protected after your accountant has finished their work (and hopefully filed your taxes on time). If you’re putting together a batch of scanned sensitive documents to buy a house or apply for a travelling visa – your birth certificate, passport, bank statements – you can privately and securely store them in a folder and share them with the relevant parties for a set time.

Everyone needs a check-up

Just like your annual medical appointments, your security and privacy needs the occasional check-up. Remember, your Dropbox account can be accessed from various devices, apps and browsers – you’ll want to make sure you have everything secure and buttoned up. Our aptly-named Security Check-Up will help you ensure you are keeping your personal Dropbox account protected. 

It’s a simple and straightforward process, with an easy checklist to help you test your devices, browsers, third-party apps and password security. It’ll walk through the devices you use to access Dropbox – smartphones, tablets, computers – and sign you out of devices you no longer use, like if you were logged on to an old work computer for your Dropbox account. The checkup helps you eliminate any third-party apps that are no longer necessary, whether it’s Slack, G-Suite or Microsoft Office; if you don’t use it anymore, you can remove it. When you’re finished with the checkup, you’ll have a clean bill of health.

A word about passwords

Password protection is key. Our Security Check-Up will help you make sure your passwords are up to scratch, but there are some security best practices that will keep your password – and account – safe. First things first, we recommend using a password manager like Dropbox Passwords that creates unique passwords – and remembers them all for you. Once you’re set up, you can easily sign in to mobile apps, websites and accounts with ease and the utmost security. It’s not just for Dropbox, but all your passwords.

Once you’ve set up Dropbox Passwords, Two-Factor Authentication (AKA 2FA) is next. Simply put, 2FA requires two forms of identification: your main password and then a second method to confirm your identity, either a code sent via text to your smartphone or a mobile authenticator app. You’ll have to use 2FA when you sign in to your account or link a new computer, phone or tablet. A password manager combined with 2FA is a one-two punch of password security to keep your mind at ease and your account protected.

Keeping an eye on the future

Security and privacy are paramount at Dropbox. Which is why, in addition to robust security measures, Dropbox has a Bug Bounty Program. The program encourages external security researchers to report vulnerabilities at Dropbox. We’re ahead of the curve, working with these researchers who report bugs to ensure privacy and security across the Dropbox ecosystem. 

Dropbox users can remain confident in their security now – and as technology evolves.