Dropbox Business Platform
Built on a strong foundation: Dropbox is built with multiple layers of protection across a distributed, reliable infrastructure. With 1.2 billion files synced each day, our infrastructure is optimized for performance on a massive scale and backed by a world-class security organization.
• Compliance to meet your business requirements: Dropbox combines the most accepted standards — like ISO 27001 and SOC 2 — with compliance measures geared to our customers’ specific industries. We provide reports from third-party auditors to help you verify our security practices.
• Adoption – the ultimate security advantage: At Dropbox, we know that real security starts by bringing users onto a sanctioned platform. Dropbox Enterprise leverages ease-of-use and adoption to centralize company data, resulting in greater visibility and control.
Dropbox Security Features
By design, Dropbox provides a unique security mechanism that goes beyond traditional encryption to protect user data. The Encryption and Application Services process files from the Dropbox applications by splitting each into blocks, encrypting each file block using a strong cipher, and synchronizing only blocks that have been modified between revisions.
Encryption is an important component of our security protocol. To protect data in transit between Dropbox apps and our servers, Dropbox uses Secure Sockets Layer (SSL)/Transport Layer Security (TLS) for data transfer, creating a secure tunnel protected by 128-bit or higher Advanced Encryption Standard (AES) encryption. Dropbox files at rest are encrypted using 256-bit Advanced Encryption Standard (AES).
Dropbox stores two kinds of data: file content (file blocks) and metadata about files and users. All metadata is stored on Dropbox servers. Most file content is also stored on Dropbox servers, in a system known as Magic Pocket. This system, which consists of both proprietary software and hardware, has been designed from the ground up to be reliable and secure. A smaller portion of file content is stored by a managed service provider, Amazon Web Services (AWS). In both Magic Pocket and AWS, file blocks are encrypted at rest, and both systems meet high standards for reliability.
Reliability and durability
Dropbox’s architecture, applications, and sync mechanisms work together to protect user data and make it highly available. Redundant copies of metadata are distributed across independent devices within a data center in an N+2 availability model. Hourly incremental and daily full backups are performed on all metadata. Redundant copies of file blocks are stored independently in at least two separate geographic regions and replicated reliably within each region. Both Magic Pocket and AWS are designed to provide annual data durability of at least 99.999999999%.
In the rare event of a service availability outage, Dropbox users still have access to the latest synced copies of their files in the local Dropbox folder on linked computers. Copies of files synced to the Dropbox desktop client/local folder will be accessible from a user’s hard drive during downtime, outages, or when offline. Changes to files and folders will be synced to Dropbox once service or connectivity is restored.