Dropbox, the widely adopted file-hosting service that syncs documents to the cloud has responded to concerns about security by adding a two-step verification for all its accounts.
The verification process is optional but recommended by Dropbox and certainly recommended for lawyers and legal professionals.
In addition to their existing passwords, it requires users to enter an additional security code in order to sign in, or link a new computer, phone or other device. A text message containing the security code is sent to the user’s phone. Dropbox should make this additional security layer mandatory.
Dropbox already uses modern encryption methods to both transfer and store your data:
- Secure Sockets Layer (SSL) and AES-256 bit encryption
- Dropbox website and client software have been hardened against attacks from hackers
- Public files are only viewable by people who have a link to the file(s). Public folders are not browsable or searchable
The two-step verification process is being rolled out over the next few days for all accounts. You can find detailed instructions on the Dropbox help page.
The safety of client files is, and should be a concern for lawyers, and Dropbox has responded to security questions with high-level encryption and a two-factor authentication process.