Secure Cloud Usage for Teams: Dropbox Best Practice
We have talked about the advantages and risks of using the cloud on many occasions. As providers of encryption software your data security is our greatest concern. But did you know we’re using an encrypted cloud storage in our daily office work ourselves? This article offers you some of our best practices how to use Boxcryptor with Dropbox. This way, you are able to keep data security at a maximum without giving up the cloud’s comfort and usability.
What is Dropbox?
At Boxcryptor we mostly use Dropbox for saving and sharing data across different work places and between colleagues. Therefore, Dropbox serves as an online hard drive in the first place, but it offers us a variety of advantages over an ordinary local drive as well. Dropbox makes everything easier for us as editing, sharing, and collaborating as a team become more efficient and secure.
How Does Dropbox Work?
To store data online, Dropbox adds a new folder to your local file system. Every file inside this special folder will be synchronized to the Dropbox servers and kept up-to-date automatically. Editing happens in a local copy of the respective file – on your own computer – which will be updated online the moment you save your changes. However, old versions will not be simply replaced. This is the first advantage of the cloud over local drives. The newly saved version of a file will simply be saved on top, like putting a new copy on top of a stack of older documents. If you need access to an older version for whatever reason, you can simply recover it from the cloud. This is even possible with deleted files. This way, Dropbox doesn’t only serve you as a hard drive, it will also take care of versioning older drafts.
But why is this important? We may speak from our own experience at Boxcryptor if we say: a quick and simple data recovery may save your day every now and when. Because like any other office we feature a whole lot of the most common reasons for data loss: humans.
The First Step: Building Up a (Good) Folder Structure
Building up a well-thought-out folder structure to organize your files is always essential. This doesn’t change with cloud storages. Therefore, setting up a structure should be the first step after creating the sync folder on your computer. While doing so, you should already consider which files you’d like to have on your own hard drive only and which should be secured online. From our experience it’s best practice to take the team’s structure as a blueprint: which users need access to which files?
Team structures are easy to reflect in the set-up of your Dropbox folder. In doing so, everything from sharing whole team folders to the most granular permission management is only a few klicks away. Settings in the cloud service’s client will automatically apply to all team members – across all platforms and devices.
Our Tip: In addition to common shared folders, Dropbox offers so-called team folders. They have to be created by the system administrator and will appear for all team members with fitting permissions automatically. The folder itself can’t be edited by the staff (which means it also can’t be accidentally deleted, moved, or renamed) while the content stays editable.
Creating, Editing, and Sharing: Permissions
The initial set-up was your first step to a more efficient and secure cloud usage: permission management within your team takes only a few clicks from now on. Newly created files will inherit the settings of their parent folder per default. As soon as you share a whole folder, all permissions apply to files in that respective folder, even future ones. At the same time, you can still share selected files – e.g. for giving a colleague insight into a certain document – at any time. Selected recipients will have access via a shared link, created through right-clicking files or folders. Recipients don’t even have to be part of your company. Sharing cloud files brings an end to complex file uploads, full email mailboxes, and outdated file versions.
“It’s very easy to set up teams in Dropbox. You can assign certain users to access specific folders while restricting how those documents are handled. For example, what if you want staff to read a document but not edit it? This prevents making mistakes as well as accidental overwriting of original files.” (Anna Gargioni, greengeeks.com)
Within Boxcryptor’s marketing team, for example, we actively exchange files e.g. to match texts and graphics, and to correct our colleagues’ drafts. Instead of sending around awkwardly named working files, every team member simply accesses the latest version in our shared Dropbox folder. Comments and edits are made in one single document, real-time and without circumstances. Just make sure to avoid simultaneous work in a file which can cause conflicted copies.
Our tip: We suggest to activate app-based version tracking if available (e.g. in Microsoft Word). Combined with Dropbox’s auto-versioning it’s the best way to prevent data loss. Additionally, you can keep track of all the edits made to a document at just one glance.
Secure Sharing: File Sharing or Granting Folder Access?
Dropbox offers two different sharing options: one for complete folders, another for single files. The first is the most convenient for smaller, trusted teams collaborating on a joint project. However, it is important to be aware that everyone who has access can move and remove data withing these folders – a very common mistake happening with shared data. Therefore, the latter option might be more secure when dealing with external partners: sharing single files via link. To do so, files don’t have to be removed from a folder: shared access is only granted to the respective documents. The rest of the files remain invisible and inaccessible.
Our tip: Secure file sharing within your team with Boxcryptor in combination with Dropbox is highly convenient and secure. To share files with external partners we recommend using Whisply, our own end-to-end encrypted (E2EE) file sharing service. It is available directly in Boxcryptor, via right-click on a file. Recipients neither need a Dropbox nor a Boxcryptor account and additional security levels can be added on top. Whisply can be used to share an unlimited number of individual files or compressed .zip folders.
Increase Your Level of Control
In addition to better collaboration, cloud services like Dropbox also help to increase the level of control over your data. This might sound paradox at first as data is stored on foreign servers. But this is exactly where they have a big advantage over local hard drives or servers: access control does not happen on a user’s end device but is linked to user accounts. Since access permissions are assigned from a central authority (ideally your system administrator), access can also be revoked again remotely, without the need of physical access to the user’s device.
User management for companies is more practical: team members’ access permissions can be added, changed, and removed, without changing the files themselves.
As synchronization is controlled from the cloud provider’s client, it can also be reversed from there. In a nutshell: data can be [remotely wiped from devices. Consider, for example, the theft of a company device. In this case, you won’t only be able to remove access permissions but you can remove the files from the device as well. All other local copies, as well as the original on the cloud server, will remain untouched. Please don’t delete files directly in your Dropbox! In that case they’ll disappear on all devices. For a proper remote wipe, please follow the instructions on the Dropbox website.
Saving Hard Drive Capacities: Selective Sync and Smart Sync
One of the most important and frequently named advantages of cloud storage is that it makes local hard drive capacities unnecessary. Unfortunately, this is only partially correct as even cloud files need to be downloaded as a local copy to enable editing – and per default this copy remains on the hard drive afterwards. But still, the saving of hard drive capacities is not a myth: the cloud can reduce extensive backup structures and the necessity of mobile storage media for data exchange, e.g. flash drives.
Additionally, selective synchronization may as well help you reduce the capacities needed on your hard drive, by downloading only files you actually want to edit. Team projects can be synced on demand while they remain theoretically available all the time but don’t occupy space on your hard drive until you actively request them. In the same way, old files and folders (e.g. archives) can be kept on demand online.
Boxcryptor supports the functionality of Dropbox Smart Sync. You can simply download and open online-only files by double-clicking on them in the Boxcryptor drive.
Important note: To download files an active internet connection is required. Once a file is downloaded it is available for offline editing as well. However, all changes made offline (and with it, the backup) will only be uploaded and available for other team members after reconnection and synchronization.
Most Common Mistakes
Basically, only a few mistakes can be made when operating Dropbox in combination with Boxcryptor. The most important thing is to make sure that data only is synced to the cloud when it is encrypted. This means: always work from the virtual Boxcryptor drive. Why should you never use any cloud storage unencrypted? Read this article to get to know our arguments on the topic.
This includes avoiding to move files outside of Dropbox and the Boxcryptor drive, e.g. via moving it to your desktop. By doing so, files would become unavailable for team members, can be easily deleted by accident, or lost when a device is stolen.
Finally, please make sure your synchronization to Dropbox is always active and your device is connected to the cloud client. Otherwise changes won’t be synced and made available for your team members. This, of course, requires an active internet connection. For your own data security, it’s best to use offline editing only under special circumstances. In that case, please make sure that all changes are synced properly as soon as you reconnect.
Boxcryptor and Dropbox
Boxcryptor was originally developed for encrypting Dropbox data. Today, we support a broad list of different cloud providers. But our special history with Dropbox lead to our Premier Technology Partnership with Dropbox. This partnership puts us among the first to be informed about new features of Dropbox, so we are able to support them with our encryption software early on.
If you are not certain about Dropbox being the best cloud provider for your purpose, you can check our cloud provider comparisons for private or business users. Boxcryptor is always available as your service of choice to add end-to-end encryption for maximum data security. If you have already chosen a cloud provider but are using it without encryption you can start right away. Just have a look at our Boxcryptor for Teams page, where you can find more information and start a free trial.