Our Blog

Box, Dropbox and the Toxic Internet

added: 05.06.2014

There’s so much activity in the world of information security lately that it’s easy to miss some interesting stories. One that hit earlier today via security blogger Graham Cluley was of a security vulnerability that can affect users of cloud-based file sharing services Box and Dropbox.

According to Cluley’s blog, both services have left reams of sensitive user documents exposed thanks to a simple vulnerability that allows anyone who knows the trick to access subscriber files. Cluley’s blog includes images of tax documents and other financial records.

Really, if you haven’t already read his post, click through now. We’ll wait for you.

Frightening, no?

Instances of breaches like the Box and Dropbox leak are far too common these days. It’s further evidence that you don’t want to be unprotected while doing business online. The environment is chaotic, toxic and radioactive. You need a hazard suit, but fortunately there is one that everyone can use. It’s called encryption.

In today’s Guardian newspaper, Brian Krebs published an opinion essay in which he assails U.S. businesses for being way behind the curve on offering end-to-end encryption on transactional systems. Target, whose CEO resigned yesterday amid continuing struggles following the December data breach that affected tens of millions of its customers, made huge investments in end-point security and have pledged even more since Krebs broke that story. Problem is, even when the retail giant rolls out its new terminals and chip-and-pin security, they will still transmit data via unsecured channels.

Krebs’ plea for encryption is one that users of Box and Dropbox would do well to heed. Those services are convenient, but assuming that they—or any cloud service—are inherently secure is foolhardy. What would have kept those tax documents safe, even in the event of a Box or Dropbox data breach? Keeping those files encrypted.

And that’s where HoGo has you covered. Protecting your documents with HoGo is fast, easy, and cost-effective. And you can share those documents via email or your chosen cloud file sharing service with confidence that only the intended recipient can view and use them. You can also set terms of expiry so that the documents delete themselves after a certain time.

Listen, the internet is a wonderful and fascinating—but dangerous place for sensitive information, private data and intellectual property. You need to take precautions.