Dropbox announced the issue of ISO 27001 certificate, an addition to the serious list of compliances for Dropbox for Business. The new certificate includes 2013 revision of the standard certificate and has been updated and upgraded with the cloud services in mind.
Dropbox for Business received its ISO 27001 certificate by an independent third party based in the Netherlands. This certificate is recognized by countries that have IAF membership. The certificate validates the approach of the company to maintain integrity and availability of data, as well as to keep the security and confidentiality of that data.
Dropbox for Business is among the first to be certified based on the 2013 revision of the standard that has been updated having the Cloud services in mind. With that certificate, the company further confirms its desire to improve the security of the data sent under the ISO/IEC 27001:2013 standard. The information security management program that the company has created has been tested in this standard, which is globally accepted.
In July Dropbox company announced the additional enhancing of the Dropbox for Business security features. The company improved the sharing permission, as it added a password protection and expiration time in order to ensure that the links are not active for a longer period than needed. The links are usually shared through emails, when they are sent to users who do not have accounts in Dropbox.
Another new function is the read-only shared folders function. Thanks to it, the administrators will be able to control the users who can see and edit the contents. The main aim is for the employees to be productive and to feel that their data is secure and safe with Dropbox for Business.
In early October, a hacker group claimed that it got access to almost 7 million Dropbox accounts. This claim was disputed in a statement by Dropbox afterwards. The company informed its users that there were usernames and passwords that were stolen and attempts for logging into the accounts. However, the company has detected these attacks and the passwords have been expired.