After announcing its transparency principles, Dropbox is back to highlight once again how it securely protects your files. And it does that on June 5th, the anniversary of the Snowden revelations.
For Dropbox, your privacy and security come first, the blog post informs. And to protect your online privacy, the company has taken a handful of security measures: files sent or retrieved from your Dropbox account are encrypted while traveling (between you and servers), while resting on servers or moving between data centers.
Secondly, the company has implemented certificate pinning both on desktop and mobile, identifying the service users connect to for uploading their files.
Since this isn’t enough, they say, the uploaded files are fragmented into chunks. Furthermore, each time you use Dropbox, the app creates new encryption keys, and extra precaution, they call perfect forward security. This prevents hackers from deciphering future traffic if the key — for some reason — was previously compromised.
On top of all this, we’re always improving our security to be more effective against evolving threats from potential attackers. For example, we patched our services within hours of finding out about Heartbleed. We also test our apps regularly and work with experts outside Dropbox to identify and fix potential vulnerabilities.
Also, Dropbox emphasizes how it educates its users via the password strength detector and users can opt for two-step verification. Have you checked the security tab recently?