As previously discussed, Dropbox is a very easy-to-use and useful consumer application. In the workplace however, it exposes companies to increased risks of data theft, data loss, corrupted data, compliance violations, accountability issues, sharing of sensitive information and possible government access. It is for these reasons that Dropbox is in fact the number 1 most blacklisted application by corporate security policies.
Why do employees use Dropbox?
Simply disallowing people to use applications they consider beneficial to their productivity, and with merit, is hardly ever a good approach. Companies that succeed will therefore tend to follow four basic steps that can apply to any application that does not respect company policies.
Prevent Dropbox, Google Drive, OneDrive or similar applications in the workplace
Create a formal policy against applications such as Dropbox:
Protecting your information starts with the documentation and communication of a policy against the use of applications that do not meet your company’s security requirements. Explain why these applications cannot be used for your company. Make sure the policy is clearly written, communicated and shared.
Communicate this policy through company management:
Lead by example. Make sure all levels of management understand why these applications are best avoided, and ask them to communicate this message. By following a top-down approach you will be sure that those people with access to the most sensitive data will be the first to know what to avoid.
Block or blacklist the applications:
Restricting applications can be done in several ways. Corporate firewalls can be used if your employees are on the company premises or work over a VPN connection. IP addresses of services can be blacklisted, or next-generation firewalls can directly exclude specific applications by inspecting the data sent. If you maintain administrative rights over work computers, excluding the use or installation of the applications itself is possible too. Finally solutions such as OpenDNS can be used to filter the outgoing traffic. Read more on these actions in our white paper.
Propose an alternative:
Ultimately, any action to prevent the use of practical applications will be met with resistance if no alternative is provided. A suitable alternative should a) offer the same possibilities b) be just as easy to use and c) address the aforementioned issues and solve them. Also, business-class file sync services will add features to increase security and productivity within the organization: file servers can be directly linked to the cloud, VPN and FTP connections can be avoided and users can be authenticated through the company’s own authentication servers.
In the end, software that can put the company’s security or position in jeopardy, even when adding to productivity, is best avoided. Alternatives are numerous, so it becomes a question of choosing and proposing a suitable substitute. And with the use of the cloud, maybe it’s possible to replace some of that older hardware and technology at the same time?
How does vBoxxCloud tackle typical Dropbox issues? What other features does vBoxxCloud provide to make businesses more secure, more productive, and more profitable? Read our other blog ‘Six security features vBoxxCloud’ for more information about the restrictions of Dropbox.