Secure File Sharing: Dropbox vs Local Network

TL;DR

Sharing files via Dropbox is generally safe if you use a strong password and enable two-factor authentication. However, sharing on your local network can be *more* secure, but requires careful setup to avoid risks. This guide explains how to do both safely.

Understanding the Risks

Both methods have potential downsides:

• Dropbox: Data breaches at Dropbox itself (rare, but possible), account compromise due to weak passwords or phishing attacks, and accidental public sharing.
• Local Network: Incorrect permissions allowing unintended access, malware spreading through shared folders, and network vulnerabilities.

Part 1: Securely Using Dropbox

1. Strong Password: Use a unique, complex password for your Dropbox account. A password manager is highly recommended.
   • Avoid easily guessable words or personal information.
   • Aim for at least 12 characters with a mix of uppercase and lowercase letters, numbers, and symbols.
2. Two-Factor Authentication (2FA): Enable 2FA on your Dropbox account. This adds an extra layer of security.
   • Go to your Dropbox Account Settings > Security.
   • Choose a method like authenticator app (recommended) or SMS code.
3. Sharing Links: Be careful with sharing links.
   • Use password-protected links whenever possible.
   • Set expiration dates on shared links.
   • Review your shared link settings regularly.
4. App Permissions: Review which apps have access to your Dropbox account and revoke unnecessary permissions.

Part 2: Securely Sharing Files on Your Local Network

This is more complex, but can offer greater control. We’ll focus on Windows file sharing as an example.

1. Network Discovery & File and Printer Sharing: Ensure these are enabled in your network settings (Control Panel > Network and Internet > Network and Sharing Center > Advanced sharing settings).
   • However, consider disabling them when not actively sharing files to reduce attack surface.
2. Folder Permissions: This is the most important step.
   • Right-click on the folder you want to share > Properties > Sharing tab.
   • Click ‘Advanced Sharing’.
   • Check ‘Share this folder’.
   • Click ‘Permissions’.
   • Add only the specific user accounts that need access, and grant them the *minimum* necessary permissions (Read is often sufficient). Avoid giving ‘Everyone’ full control.
3. User Accounts: Ensure all users on your network have strong passwords.
4. Firewall: Your firewall should be enabled and configured to allow file and printer sharing traffic (typically ports 137, 138, 139, and 445).
   • Windows Firewall usually handles this automatically when you enable File and Printer Sharing.
5. SMB Protocol: Older versions of SMB (like SMBv1) are vulnerable. Ensure your network is using a more secure version (SMBv2 or SMBv3).

   powershell -command "Get-SmbServerConfiguration | Select EnableSMB1Protocol"

   If EnableSMB1Protocol returns ‘True’, disable it:

   Disable-WindowsOptionalFeature -Online -FeatureName SMB1Protocol

6. Antivirus/cyber security Software: Keep your antivirus and cyber security software up to date on all machines sharing files.

Summary

Dropbox is convenient, but requires diligent password management and 2FA. Local network sharing offers more control, but demands careful configuration of permissions and ongoing maintenance. Choose the method that best suits your technical skills and security needs.