Dropbox.com Is Not Ready.
If you have a business, and you are using Dropbox.com, you do not want to store any of your files on its cloud-based storage system. They have proven that they arenot (for now, at least) an enterprise-ready company, given the latest unfortunate news of user passwords being compromised.
Organizations using Dropbox.com should consult with IT departments or IT support service providers to make sure no classified or sensitive material exist on its cloud-based storage system. This, in fact, does show the vulnerability of cloud computing, but it’s usually not the case for the majority of the providers out there, that have major security policies in place to prevent such a compromise.
The security breach started with a stolen employee password, which led to the theft of a “project document” that contained user e-mail addresses. Confirmed by Dropbox on Tuesday, the hacker with the stolen information proceeded to spam European users of the cloud-based service with ads of gambling websites.
After investigating the theft, it was found that usernames and passwords stolen from other websites were used to access a number of Dropbox accounts. Users were using the same credentials from other sites to access their Dropbox account, which is a bigsecurity risk, because that’s exactly what hackers are looking for out there once they have your personal account information. The risks can become exponential by not having unique passwords for different sites.
Dropbox is definitely not the first, nor the last, to have such far-reaching security breach. Lately, companies such as LinkedIn and Yahoo experienced similar breaches. This goes to show the importance of IT security, especially for companies with large user databases. Yes, users need to be protected. On the other hand, users need to know that a unique password for each online account is the best approach to take. It is also important for IT departments and executives to work together to make sure employees are not able to store sensitive company information on cloud-based storage systems that are not secure and verified.
Although employees are now expected to use more services, such as mobile devices, tablets and other gadgets outside the watchful eye of IT departments, the frequent use of personal devices just increases the overall risks. And though more and more companies are allowing BYOD (bring your own devices) to work because it simply saves costs, a lot of them have security policies in place in order to allow users to use these gadgets for work without compromising the entire infrastructure or database.