We discourage you from using other systems such as Dropbox because storing sensitive or confidential information on cloud systems may violate the Department’s information policy and cybersecurity policy.

Areas of policy that may be violated include:

• Security

Dropbox has been victim to high-profile hacks and frequent user base leaks.  This is because it lacks the security features required to store and share sensitive information.

• Data Ownership

Drop box’s terms and conditions grants access to the data, users store.  This is in breach of Australia data sovereignty law and the Archives Act Tasmania. Breaches can be subject to large fines if personal identifiable information is shared.

• Password issues

Because Dropbox doesn’t use end-to-end encryption, passwords are able to be leaked or stolen easier than other file storage methods such as State Growth Files.

Beware that you are personally responsible for anything that happens to data using a non-supported service.

If you use Dropbox personally, we advise you to take these precautions:

• Don’t store sensitive data, either personal or StateGrowth related.
• Use encryption. Zip your files with password protection before uploading to Dropbox

You can create encrypted and password-protected zip files, disk images, and pdf files on most modern operating systems, and you won’t be relying on Dropbox’s internal security.

• Double check all communication you get from Dropbox to ensure you’re not the recipient of a phishing email.