Two of the largest cloud storage providers have come under scrutiny after it was revealed that users may be inadvertently leaking data.
Both Dropbox and Box have been criticised for their link-sharing services, which may be resulting in users leaking data without their knowledge.
Not a security flaw – just a lack of user knowledge
The two providers allow users to share files via links but competitor, Intralinks, has said that it found trails to these links in websites’ referral data.
Enterprise cloud provider, Box, said that the revelation was not a security flaw as such, but rather a case of users not having the appropriate level of knowledge about sharing permissions.
Dropbox has disabled access to links that have already been shared and implemented a patch to prevent such exposures going forward.
Need to reconsider your cloud storage policies?
Regardless of the reasons why, businesses will be rightly concerned that staff using cloud-based file sharing services may be putting confidential data at risk. If you wish to review your cloud storage services, please do not hesitate to contact us today.
In a blog post on dropbox.com, the service provider said, “We realise that many of your workflows depend on shared links, and we apologise for the inconvenience. We’ll continue working hard to make sure your stuff is safe and keep you updated on any new developments.”
However, this was not the only flaw that Intralinks highlighted. Chief technology officer for Europe, Middle East and Africa Richard Anstey said that if users accidentally pasted a link into Google’s search bar rather than the address bar, the link might be exposed to those paying for Google AdWords that matched any of the terms in the URL.