Dropbox rolled out an enterprise version of its web based file-sharing network this month to combat concerns that it is not a secure platform for businesses, including law firms.
Dropbox has been criticized by a variety of sources that it is not secure and therefore not a trusted consideration for business use. Prior to this release, Dropbox was one of the top blacklisted consumer apps by MobileIron, based in Mountain View, CA.
Historically, Dropbox users are individuals. Looking at their brief history, it is clear that Dropbox evolved primarily as a way for consumers to collaborate and store data in a cloud-based folder system. That is a start, but business users, such as law firms, need more.
Thus, Dropbox has introduced Dropbox Enterprise to respond to its critics with a new set of tools available to users, which now includes “scalable deployment through domain verification and account capture”. Firm administrators can now see and control which employees already have existing personal Dropbox accounts, and can easily onboard these individual Dropbox Enterprise user accounts into its controlled Dropbox enterprise account/environment. Further company administrators are able to review and access employee usage of their Dropbox accounts associated with the company domain . Further, new security features of Dropbox Enterprise include suspended user state, which allows admins to disable an employee's access to the corporate account before deleting it.
Dropbox Enterprise takes the security and management features from Dropbox Business and adds domain management tools, collaboration insights, premium integration and development support, an assigned success manager, and full deployment support and user training.
“Dropbox Enterprise and Dropbox Business will also offer custom branding, allowing users to put a company logo on documents, so the recipient will be able to quickly identify it as corporate information.”
DROPBOX and LAWYERS
Probably the first place that lawyers go for cloud services is off-site storage. According to the American Bar Association’s Legal Technology Resource Center’s 2014 Survey Report, 56% of respondents reported using online storage for law-related tasks. The explosion of mobile device usage drove hordes of lawyers to applications like Dropbox. Dropbox remains the uncrowned leader of cloud storage. To add insult to injury, legal software developers provide integration with Dropbox unsecured storage service more any other cloud provider.
Quite frankly, security is a very real concern for attorneys that is very much ignored. We act like ostriches with our heads buried in the sand when it comes to ensuring that our companies and networks are secure. Many firms have alarm systems on windows and doors, but leave their networks wide open and vulnerable to a cyber-attack. Lawyers have largely turned a blind eye to security and the legal industry is seen by cyber criminals as ripe for data hacks, easy breaches and the like. And this includes documentation and data stored on systems like Dropbox. With standards hovering over lawyers from HIPAA (the federal Health Insurance Portability and Accountability Act), SOC (Service Organization Control), PCI (Payment Card Industry) standards, and various ISO (International Standards Organization) standards, lawyers MUST stop and assess their network security, firewall competence, user storage protocols, and the like. Remember that the Rules of Professional Responsibility and ABA Model Rules recently required relevant competence in technology among attorneys.
Rest assured, the legal industry is not alone and businesses throughout the U.S. are now putting more scrutiny on the cloud providers, especially storage providers like Dropbox. And a part of the scrutiny MUST include who in the firm is using cloud based storage systems like Drobox. Frankly, most of us just know that our colleagues and employees are utilizing Drobox and NOW is the time to address these concerns. Failure to do so may subject your firm to a variety of fines from a variety of regulatory agencies.
Now, with Drobox Enterprise, the company specifically addresses concerns and regulations like HIPAA, ISO 27001, ISO 27018, and SOC 1, 2, and 3.
If your firm is using Drobox (and, rest assured, members of your firm probably are), not only should you immediately stop and assess how Drobox is being used, what’s being stored there and if you plan to continue same, consider upgrading to Dropbox Business or Enterprise today.