​Centralised content, granular permissions lead Dropbox Business security play

Better control over folder access as Dropbox claims over 11,000 Australian business customers

Growing enterprise usage of cloud-based file-sharing tools has driven Dropbox to increase the granularity of its access controls and develop a new administration schema upon which additional security features will progressively be rolled out to the company's more than 11,000 Australian and 200,000 worldwide business customers.

The progressive expansion of Dropbox usage within business environments drove the company to focus on improving security controls in the latest enterprise-focused iteration of its Dropbox Business service.

New features such as a Team Folder – which centralises even large volumes of content as well as adding high-granularity controls to complement Dropbox users' individual folders and the business-focused Shared folder – emerged as the company “took user-first design principles and applied them to the user experience,” product manager Tanay Mehta told CSO Australia.

Administrators have often been left to figure out ways of enforcing security controls but the new AdminX console allows them to set permissions such as who can be invited to folders and whether authorised employees can share links with people outside of the team folder, as well as being able to centrally manage settings from the IT group.

“From a single pane of glass, IT can set up Dropbox Business in a much more streamlined and responsive way than they could before,” Mehta said, adding that file-level logging means “they can also investigate end-user activity and get the right level of visibility into what their users are doing on the platform.”

Such visibility has become crucial in protecting enterprise security profiles, with control over enterprise data suffering from the addition of channels such as mobile access and one Ponemon Institute study finding that many managers turn a blind eye to informal file-sharing practices within the company.

With studies suggesting that 1 in 10 broadly shared files expose sensitive and regulated data, and that 23 percent of documents shared through cloud-storage applications are available to the public, security has emerged as a key differentatior in the hyper-competitive cloud file-sharing market.

Companies like Barracuda Networks, for example, have pitched security features to lure business users to its Copy file-sharing service. For its part, Symantec's inability to apply its security nous to its own Norton Zone file-sharing tool led to its discontinuation in 2014.

Aiming to keep up the pace, the reworked Dropbox Business environment also lets administrators set a limit on the number of mobile devices that are connected to an end-user's Dropbox environment – allowing control over the company's exposure to data leakage as users expand their Dropbox usage across laptops, tablets, smartphones, and home and work computers.

“With file-level logging and a refreshed UI, admins can quickly understand what may have happened to a user's device,” Mehta said. “It's all about making IT the hero by enabling them to administer at scale.”

Tags dropboxbusiness securityuser experiencecloud-based file sharing toolsDropbox Businesssecurity storage

Show Comments