Brian Jackson - Fotolia

Dropbox Enterprise combats stigma with security, IT features

Dropbox rolled out its new business-focused file-sharing platform, Dropbox Enterprise, which could turn around its reputation of being the most blacklisted business app.

In a move to turn around the stigma that it is not a secure, business-friendly app, Dropbox rolled out an enterprise version of its file-sharing platform this week.

The black eye on Dropbox has been that it is a consumer-level file-sharing platform, and not one that can be trusted by enterprise IT with confidential documents and data. Furthermore, IT can lose visibility of content when it is stored on consumer file-sharing apps.

Dropbox Enterprise combats this issue with a new set of tools available to users, which includes scalable deployment through domain verification and account capture. IT admins will be able to see which employees already have existing personal Dropbox accounts, and can easily onboard these members of the workforce onto enterprise accounts.

Additionally, admins will be granted visibility and access into employee's usage of their Dropbox accounts on the company domain.

The new security features of Dropbox Enterprise include suspended user state, which allows admins to disable an employee's access to the corporate account before deleting it. Admins can log in to an employee's corporate account, if needed.

Dropbox Enterprise and Dropbox Business will also offer custom branding, allowing users to put a company logo on documents, so the recipient will be able to quickly identify it as corporate information.

Dropbox tops blacklisted apps list

Still, it may be difficult for Dropbox to overcome a long-standing reputation that its platform can't be trusted in business. In fact, prior to this release, Dropbox was the No. 1 blacklisted consumer app, according to data released by MobileIron, based in Mountain View, Calif.

The enterprise mobility management (EMM) vendor released this aggregated usage data from a subset of its 10,000 customers, and found these lists of most blacklisted consumer apps and most widely used third-party apps.

OneDrive, Google Drive and the consumer version of Box also made the blacklisted apps list. It should be noted that MobileIron sells [email protected], which competes with the file-sharing apps on its list, but also allows users to connect to Dropbox and other cloud services to improve their security.

The top third-party apps deployed by IT customers include Salesforce, GoodReader, Microsoft Office Suite, Cisco AnyConnect and the enterprise version of Box.

A notable difference between Box and Dropbox is that while both companies have consumer and business versions of their respective platforms, Box's enterprise version is widely used in business, while Dropbox lags in that area compared to its competitor, according to the MobileIron data.

In addition to certain security and management capabilities that Box has had over Dropbox, compliance licenses have played a factor in this; for example, Box has been HIPAA-compliant since November 2012, while Dropbox has not been compliant in healthcare environments until this release of Dropbox Enterprise.

Dropbox declined to comment on MobileIron's survey.

Importance of file-level security

Secure file-sharing platforms in business are necessary -- especially in areas of finance, healthcare and other markets that adhere to compliance regulations in addition to government and legal.

In its aggregated data, MobileIron found that five of the top 10 blacklisted apps among its customers are file sync-and-share apps.

"When end users have attachments in their emails, they may open the attachment and store it in a personal cloud storage drive," said Mike Raggo, director of security research at MobileIron. "Enterprises have concerns about data being stored there without IT's visibility." 

This is why IT departments blacklist apps they do not want employees to use and share corporate content on. Many businesses take a "whack-a-mole" approach to blacklisting applications, but can't ban everyone that is not secure or business-friendly.

Rather than trying to pick apps to blacklist, IT departments should pick apps that they want to allow the workforce to use, said Ray Keeton, senior systems administrator of mobility and messaging at Thompson and Knight LLP, a commercial law firm in Dallas.

Mobile security is a fast-paced area that is not for the weak at heart.
Ray Keetonsenior systems administrator of mobility and messaging at Thompson and Knight LLP

"What does the app do?" he said. "What's the value that it brings? In the enterprise space, you have to vet your apps well before you push them to your users."

The most frequently blacklisted file-sharing platforms can "open up a whole host of challenges," he said. "Those are well known to be huge security holes for company content to be leaving the organization."

Keeton's company services legal clients that are often large corporations, so it is important for him to be able to secure business content with file-level security. His company uses MobileIron's EMM platform, and uses it to approve applications employees can use.

"We take the stance of protecting our firm data at all costs, because that's who we are and what we do," he said. "The users have the ability to easily move content around from wherever they are."

Ease of use is appealing in a security platform, as complexity may drive a user away from it, despite the need for it. One of the biggest vulnerabilities to enterprise security is not a hacker's latest highly sophisticated attack, Keeton said.

"There is a lack of education at there," Keeton said. "You have to want to know. Mobile security is a fast-paced area that is not for the weak at heart."

Ramin Edmond is a news writer with TechTarget's End User Computing media group. Contact him at [email protected].

Next Steps

Dropbox for Business integrates with Active Directory

Dropbox strengthens its login options

Microsoft, Dropbox come together on mobile productivity apps

Dig Deeper on Enterprise mobile security