The Community is undergoing a major upgrade. Find out more, ask us questions or share your thoughts here.
Forum Discussion
Security Measures Practiced By Dropbox
My very small company uses Dropbox for our work files storage. We have been asked by a new customer IT audit to provide evidence of "our" penetration testing (how often done, provide a redacted report if we're using a 3rd party provider for our data storage) and vulnerability management practices. I am trying to find anything specific to these topics that Dropbox does on a daily or continuous basis, so I can reply to the survey. We don't do these things for ourselves and have told the new customer that we use a 3rd party provider to store data. Thanks for any help!
JAC59 wrote:
I am trying to find anything specific to these topics that Dropbox does on a daily or continuous basis, so I can reply to the survey.
Refer to the following help article:
Hi, Rich,
Thanks very much for your help!
I was hoping that there might be some more technically-detailed statement available from Dropbox such as "we do penetration testing of all of our server. sites in accordance with XYZ standard every X days (or continuously, or whatever). Identified vulnerabilities are ranked as to their risk and resolved as soon as possible".
What you provided is probably as good as it's going to get for a small user like me. I'm very happy with Dropbox and have been a customer for a long time, and having to answer a question like this for a customer's IT survey is pretty unusual.
Thanks again!
