Finding Sensitive Data Assets in Dropbox

Dropbox and other file sync and share services are my friend.  I like many others use them every day, and Dropbox is the glue to keep my data in sync in multiple places, on multiple platforms and devices.  Michael Wolfe summed up the reason for DropBox's popularity perfectly in his post on Quora:

Well, let’s take a step back and think about the sync problem and what the ideal solution for it would do:

There would be a folder.
You’d put your stuff in it.
It would sync.

They (Dropbox) built that.

But for the same reasons why it is so popular (easy to use, accessible everywhere, efficient sync), DropBox is likened to a four letter word in many IT departments - RISK.

Being in the business of making sure data is protected, especially sensitive data, IT cringes at the thought that this data could so easily be made available out on a public cloud and synced to everyone's iPhone.  IT & Security teams alike want to be sure people are sharing the right stuff, and not something that is going to be put their company and their customers at risk. The popularity and angst of technologies like DropBox, highlight the intrinsic importance of data.  We need to be able to get to it all of the time but want to be sure only the right set of eyes is viewing and storing it.

No matter your opinion on DropBox, I think being more aware of the data you are storing is valuable. Let's take a look at how a data-aware platform like DataGravity can assist when DropBox is being used.

WHere Is DropBox Installed?

Search and discovery of your data is a core tenant of DataGravity's so it is easy to do a simple keyword search on all files with the name DropBox and find the results (A).  We see that a DropBoxInstaller.exe exists (B) and the path to the location of a local DropBox folder - C:\Users\gmaentz\Dropbox (C). 

WHO is using it and for how long?

By taking a closer look at the DropboxInstaller.exe file we can simply click to understand all of the details of that file: Download Path, Time Downloaded, and Activities performed by User.  This shows us that our favorite user Gabe, downloaded the Dropbox installer to the Downloads directory of his Virtual Desktop back on February 21, 2015, and ran the install that same day.

What is Stored There?

Performing a more detailed search on all the contents of the local DropBox folder (C:\Users\gmaentz\Dropbox) that we identified (A), we found 891 items (B) along with their demographics.  Many of the files were relatively small (C) and there appears to be some sensitive data contained within the files (D).  The majority of the files were images (E) and all owned by Gabe who installed DropBox in the environment (F).

Sensitive DAta

Using the faceted search in our detailed view of the data being stored in Gabe's DropBox location, we see that one of the files is being flagged as containing Credit Card information.  A closer looks shows that this is an Excel spreadsheet named Customer list.xlsx which is stored in the C:\Users\gmaentz\Dropbox\powerpoint directory.  Perhaps this was an inadvertent save to the wrong directory, but a preview of the file indeed shows it does contain credit card information and that it is being synced using Dropbox to this location.  This is the kind of stuff that causes IT & Security teams to cringe.

CC Number in DropBox.png

A simple inadvertent mistake with sensitive information being synced to the wrong location can have major consequences.  DataGravity can help provide checks and balances by natively being aware of the data being stored in these locations.