Are Dropbox, Google Drive and OneDrive Safe for Businesses?

When it comes to sharing files with others, there are endless file syncing and sharing services out there to choose from. Some are super easy and even free to use which is why they are so popular with consumers. These sites are great for sharing vacation photos or family recipes with loved ones. But companies have no business sharing private, sensitive or proprietary data through platforms like Dropbox, Google Drive, OneDrive, FileShare, etc. Doing so could land your company in the news – and not in a good way.

Here are four reasons to think twice about using certain sharing platforms for business.

Highly Hackable

Dropbox has been plagued with major security blunders since its inception in 2007. One of those major gaffes in 2016 exposed the usernames and passwords of 68 million users. And in 2017, there was a big brouhaha in Hollywood when it was discovered that Michelle Williams was paid considerably less than Mark Wahlberg for reshooting scenes for the movie All the Money in the World. This turned into a colossal PR nightmare for the studio and production company. It was discovered that contracts for the actors’ and actresses’ contracts had been shared in Dropbox and ultimately wound up in the hands of hackers.

Although Dropbox has said they’ve put several security measures in place to protect users’ data, their track record is enough to dissuade organizations from taking the risk.

Multitenancy Architecture

Multitenancy is a type of software architecture in which server resources are divided and shared among different customers. Public cloud platforms all have multitenant structures. One of the benefits of multitenancy is cost savings. Think of it as condo residents sharing services such as grounds maintenance. While saving money sounds like a good incentive to use Google Drive or One Drive, it’s not wise to place private company data on a multitenant platform. Single-tenant systems, on the other hand, are designed to isolate data and are better suited for organizations’ shared data.

Lack of Control

With platforms like Dropbox and Google Drive, you are not the custodian of your data. You do have very limited control over how your data is collected, used and shared. But you have no control over how or where your data is stored and backed up. For example, Dropbox’s end-user licensing agreement specifically states that they are not liable for any loss of use, data, business, or profits.

Compliance is Complicated

While many of these cloud-sharing solutions can meet strict compliance requirements, the burden falls on the customer to review the provider’s agreements and then configure the tools to meet your requirements. This is no small task.

Lacks ‘Zero Knowledge Encryption’

Zero Knowledge Encryption means that no one, except you (not even the service provider), has access to your data. You are the only person who has your data’s encryption keys. OneDrive, Google Drive and Dropbox all maintain access to your encryption keys and are therefore capable of decrypting your files. There are third-party apps that will allow you to encrypt your data before sharing on a cloud service, however, this adds complexity and risk to managing your data.


For these reasons, public file-sharing platforms should only be used to store or share data that is not sensitive, protected or confidential.

Better Options for File Sharing

There are file-sharing tools that are more secure and better suited for businesses that need to share files both internally and with clients or vendors including FileCloud, CenterStack and CrushFTP. For a use comparison of those platforms, CLICK HERE.

Schedule a free 15-minute discovery call
We’ll discuss your IT requirements and assess whether we’re the right fit for you.


Liked the articles?

Well, there’s plenty more where that came from! Our incredible team is constantly on the lookout for the latest and greatest IT content to keep you informed about what’s cooking in the world of technology. Make sure you don’t miss out on our amazing content by subscribing to receive blog updates.

  • Remark: We will collect your information for marketing purposes. However, we respect your privacy rights. If you wish to access or amend any Personal Data we hold about you, or request that we delete any information about you that we have collected, please send us an email:
  • This field is for validation purposes and should be left unchanged.