Table of contents
Start for free
Is Dropbox end-to-end encrypted?Almost a billion people use Dropbox for for cloud storage, to share files, and to collaborate. Is it secure?
Dropbox now reports almost one billion active users on their products for cloud storage and sharing; similarly, Google Drive has announced they are also exceeding the one billion user threshold. However, both of these products implement similarly limited levels of encryption, where personal data remains exposed to additional parties and not to users alone.In this blog, we’ll explore how encryption on Dropbox works, particularly in comparison to fully end-to-end encrypted storage providers, which use completely zero-knowledge encryption to keep files and data private to users alone.
Cloud storage and encryptionCloud storage is a service that allows users to save files online so that they can be accessed from any internet-connected device. The cloud storage provider manages the infrastructure and security of the user's data, making it accessible from anywhere in the world. Cloud storage is often used as a backup for local files, as it provides protection against data loss due to hardware failure or user error. It is also significantly more robust and reliable than transferring files using physical mechanisms (USB drives or hard disks) and easier than simply emailing all important files back and forth.Cloud storage is also becoming increasingly popular as a way to store and share files, as it offers a convenient and efficient way to keep files backed up and synchronized across devices. Numerous companies, including Dropbox, Box, Microsoft, and others, have offered cloud file-sharing services for individuals and enterprise customers, allowing teams and organizations to collaborate on projects, datasets, or documents.There are numerous different cloud storage providers, each offering different features, pricing plans, and levels of security and encryption. Some of the most popular providers include Google Drive, Dropbox, and Apple’s iCloud product. When choosing a provider, it is important to consider your needs, budget, privacy concerns, and more.Once you have chosen a provider, you will need to create an account and install cloud storage software on your devices, which will allow you to access your files from any device with an internet connection. Almost all cloud providers now offer easy-to-use mobile, desktop, and tablet applications across all providers.To add files to your cloud storage, simply drag and drop them into the designated folder on your computer, or upload them through a web interface. The files will then be uploaded to the cloud and synchronized across your devices. You can easily access, share, upload, and download your files via any cloud storage provider’s website.If you edit a file on one device, the changes will be automatically synced to your other devices. This makes it easy to keep your files up-to-date and accessible from anywhere. Cloud storage is an easy and convenient way to store and share files or keep your data synchronized across devices. Beyond backing up your data, many individuals now choose to write, create, and share content directly inside cloud providers, such as using Dropbox Paper or Google Docs to write documents.
Cloud storage encryptionDropbox is one of many cloud storage providers that market a basic level of encryption in their services, frequently broken down as “encrypted in transit” and “encrypted at rest.” Although this secures your data from certain risks, such as interception by hackers reading network traffic, it is a much weaker level of protection than full end-to-end encryption.Encryption in transit refers to the use of TLS and SSL to encrypt network traffic from users’ devices to Dropbox servers. Encrypted at rest refers to the fact that data, when stored in Dropbox databases, is encrypted symmetrically (typically using an algorithm such as AES-256). While AES encryption is frequently used in the industry, it still allows Dropbox employees, law enforcement, or other parties to access your information. As a result, it is weaker than end-to-end encryption, where user data is encrypted client-side before ever reaching a Dropbox server, preventing anyone but a user from decrypting or deciphering an encrypted file.
Encryption vs. End-to-end encryptionThere are a few key differences between encryption and end-to-end encryption. Encryption is a process of transforming readable data into an unreadable format, typically using a key or password. End-to-end encryption is a specific type of encryption that takes place between two devices, such as an end user and their other devices, in order to keep the data private and inaccessible to any other parties.One key advantage of end-to-end encryption is that it offers more security than encryption alone. With encryption, the data is encoded and can be decoded by anyone who has the key or password, such as in the description of encrypted at rest above. However, with end-to-end encryption, the data is encoded and can only be decoded by the devices involved in the communication. This means that even if someone were to intercept the data, they would not be able to read it.Another advantage of end-to-end encryption is that it can help to prevent data breaches. Data breaches occur when sensitive information is exposed to unauthorized individuals. This can happen if the data is not properly encrypted. End-to-end encryption can help to prevent data breaches by ensuring that the data is only accessible to the devices involved in the communication. In the past, Dropbox has had data breach issues; end-to-end encryption would prevent any hackers from decrypting files that are maliciously downloaded from Dropbox.End-to-end encryption has more recently become mainstream in messaging apps and communication providers. This includes Signal Messenger, WhatsApp, iMessage, and many of the other most commonly used messaging applications.Overall, end-to-end encryption is a newer, stronger, and more privacy-first method of securing user data. However, it also has increased technical complexity and is more recently making its way to the consumer market. More broadly, end-to-end encryption offers more security than encryption alone and can help to prevent many of the significant risks stemming from provider data breaches.
End-to-end encrypted cloud storageTresorit: Tresorit is a Swiss based secure cloud storage provider that was recently acquired by the Swiss government. Similar to Dropbox, Tresorit offers cloud sync and storage feature for individuals and teams. This also includes apps across multiple devices, such as iOS, Android, Windows, Linux, and Mac.Tresorit offers two-step verification features for additional protection, as well as password protection for files. Like most cloud storage providers, synchronization across devices is offered out of the box. Most importantly, Tresorit is end-to-end encrypted, keeping users’ sensitive data completely private.Skiff: Skiff is a privacy-first, end-to-end encrypted workspace that offers products for end-to-end encrypted email, file storage and sharing (Skiff Drive), and collaborative wikis, documents, and notes (Skiff Pages). Every document, file, and folder is end-to-end encrypted, keeping your personal information completely private to you. Skiff also offers mobile apps for their drive, email, and docs products that are compatible on iOS, Android, Mac, and more.On Skiff, even every file imported from Google Drive is encrypted client side, keeping data security for users as the paramount goal. Skiff also offers two-factor authentication and password protection for users to maintain an extra layer of security against account compromise. Finally, the platform offers 10 GB of free storage, which is larger than Tresorit and other privacy-first cloud storage providers.
Encrypted Mail, Drive, Calendar, and DocsSkiff offers much more in addition to their end-to-end encrypted storage product. This includes Skiff Pages, Calendar, and Mail products for collaboration and communication.Every Skiff Mail user gets full access to the entire product suite, which also includes:
- Skiff Drive (all data end-to-end encrypted, unlike Dropbox, which is not E2EE)
- Skiff Pages (for wikis, notes, documents, and real-time collaboration)
- Skiff Calendar (integrates natively with Skiff Mail)
|Drive storage||10 GB||100 GB||1 TB|
|Sending messages (limit)||200/day||Unlimited||Unlimited|
|Folders and labels||5||Unlimited||Unlimited|
|Schedule or undo send|
|Email + doc text search|
|E2EE link sharing|
|Doc version history||24 hours||Unlimited||Unlimited|
ConclusionIf you’re looking for a fully private, end-to-end encrypted cloud provider, we wrote an even longer blog on the topic that covers major end-to-end encrypted cloud storage providers, including Skiff, Tresorit, Sync.com, and many more. These products offer the exact same level of convenience and incredible user experience but with a significantly higher level of security and confidence as your data remains private to you.
Jason GinsbergIntroducing Skiff DriveEnd-to-end encrypted, privacy-first file storage, with 10GB free.
Skiff TeamIs Notion end-to-end encrypted?Is Notion end-to-end encrypted? Are your notes, wikis, and documents safe and secure?
Skiff TeamIs Google Drive end-to-end encrypted?Over a billion people use Google Drive. Is Google Drive secure, encrypted, and end-to-end encrypted?
Skiff TeamIs Microsoft OneDrive end-to-end encrypted?Microsoft OneDrive reportedly has over 250 million users across businesses, governments, and individuals. How secure is it?
Peter LuThe best encrypted note taking apps in 2023We store more private information in our note-taking apps than in our homes. What are the best encrypted notes apps with fantastic privacy and best-in-class features?
Andrew MilichWhat's the best encrypted cloud storage provider?Choosing a cloud storage provider? Consider these platforms, security guidelines, and tips when setting up your account.
Skiff TeamSkiff Calendar Launches!Skiff Calendar is out: Privacy-first, end-to-end encrypted, and easy to use.
Ehsan AsdarHuge Drive performance upgradeTry out a new and improved Skiff Drive with better upload speeds and performance across large, multi gigabyte files.