Dropbox had a big problem recently. The company that handles private documents for thousands of users was hacked. Dropbox users reported that the level of spam was increasing and that this spam was only linked to Dropbox accounts. In short, the spam was coming from Dropbox, nowhere else. What was a huge company like Dropbox to do? Were the company not to respond, it would certainly lose thousands of users. Instead, Dropbox did something that’s completely admirable. The cloud company responded to the reports right away and fixed the security problem. Here are some lessons that every company can learn from Dropbox.
Bringing In An Outside Team
The Dropbox team knew that this particular security breach required specialists. After bringing in an outside team (and letting users know of this plan), Dropbox fixed its platform in four ways. First, the company implemented a double sign-in method. Users will now have to sign in using a password plus an authentication code. Next, the company added automated detection methods that will detect any foul play. Then, Dropbox asked something of users. From this point on, certain Dropbox users may be asked to change passwords. A password change may be mandatory if a user hasn’t logged into the system in a while or if a password isn’t strong enough.
Lastly, Dropbox created a specific page for each user. This page lists all of a user’s recent login information. Were a hacker to log into an account, a user would see this false login right away. The outside team that Dropbox brought in implemented all of these security methods. More importantly, Dropbox responded to the hacker alerts within twenty-four hours of the first notification. That’s impressive.
Things to Take Away
The first thing that other companies can learn from Dropbox is response time. Dropbox responded to complaints within twenty-four hours. Most other companies would take much longer to respond. Lesson learned: when there’s a problem with your company, handle it right away. The second thing that can be learned is not to participate in the blame game. Sure, Dropbox users were semi-responsible for this breach. Using a password that’s not secure or is used too often with other accounts isn’t a good idea. But, Dropbox didn’t blame anyone. Instead, the company just fixed the problem.
The third thing that can be learned is knowing when to hire experts. The Dropbox team couldn’t fix the issue. So, the company hired a team of experts to find a solution to the problem. As you can see, Dropbox did a great job at handling this situation, one that could have been, really, a PR nightmare. Hackers will find a way to play with almost any platform out there; that’s just what hackers do. But few companies have the diligence to handle things the way that Dropbox did. This, my friends, is what good business is made of.
Dropbox has notified its users that the hacks came from one random perpetrator, and that there is no further danger to Dropbox accounts. Still, folks, it pays to keep in mind that using the same password for a number of different accounts is never a good idea.