<?xml version="1.0" encoding="UTF-8"?>
<rss xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:taxo="http://purl.org/rss/1.0/modules/taxonomy/" version="2.0">
  <channel>
    <title>topic Re: What are best practices for securing other's Dropbox in Integrations</title>
    <link>https://www.dropboxforum.com/t5/Integrations/What-are-best-practices-for-securing-other-s-Dropbox/m-p/723166#M11096</link>
    <description>&lt;P&gt;Thanks for the update, currently, there isn't a direct method to determine if another user is on a Dropbox Business team, in order to determine if they can share HIPAA data, if they have any two step authentication methods.&lt;/P&gt;</description>
    <pubDate>Fri, 20 Oct 2023 16:19:16 GMT</pubDate>
    <dc:creator>Jay</dc:creator>
    <dc:date>2023-10-20T16:19:16Z</dc:date>
    <item>
      <title>What are best practices for securing other's Dropbox</title>
      <link>https://www.dropboxforum.com/t5/Integrations/What-are-best-practices-for-securing-other-s-Dropbox/m-p/723125#M11087</link>
      <description>&lt;P&gt;As our company's CISO, it's my responsibility to validate the security posture of our company and our third parties.&amp;nbsp; I have unresolved questions about how we can verify Dropbox security controls, specifically for third parties.&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;We are not a direct Dropbox customer, although we've encountered many third parties who use Dropbox, as their preferred File Sharing &amp;amp; Collaboration platform.&amp;nbsp; What are the Dropbox best practices to ensure a third party's Dropbox setup is secure?&amp;nbsp; I have attempted to do a Q&amp;amp;A with various third parties to ensure they securely setup their Dropbox, although many third parties don't know much about how their company's Dropbox security is configured.&amp;nbsp; Many third parties simply have a lack of knowledge about Dropbox security controls.&amp;nbsp; I notice there are 4 tiers of Dropbox, each with various security controls.&amp;nbsp; &amp;nbsp;I understand how these controls can better secure data residing in a Shared Dropbox.&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;&lt;STRONG&gt;Examples of questions&amp;nbsp;which&amp;nbsp;our best practice Dropbox procedure should answer:&lt;/STRONG&gt;&lt;/P&gt;&lt;P&gt;- How do we, the receiving party, know which Dropbox tier the parent company is subscribed to?&amp;nbsp; &amp;nbsp;(i.e. Must have&amp;nbsp;&lt;SPAN&gt;Business "HIPAA configured" if they want to share medical records)&lt;/SPAN&gt;&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;- How can we, the receiving party, validate that all parties have MFA enabled, among other security controls?&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;&lt;U&gt;Definitions:&amp;nbsp; &lt;/U&gt;&lt;/P&gt;&lt;P&gt;(Parent Company) = the company who provides their shared Dropbox.&lt;/P&gt;&lt;P&gt;(Receiving Company) = the company who is using the parent company's Dropbox.&lt;/P&gt;&lt;P&gt;(Third Party) = any customer or vendor we do business with.&lt;/P&gt;</description>
      <pubDate>Fri, 20 Oct 2023 14:10:52 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Integrations/What-are-best-practices-for-securing-other-s-Dropbox/m-p/723125#M11087</guid>
      <dc:creator>Techyguy</dc:creator>
      <dc:date>2023-10-20T14:10:52Z</dc:date>
    </item>
    <item>
      <title>Re: What are best practices for securing other's Dropbox</title>
      <link>https://www.dropboxforum.com/t5/Integrations/What-are-best-practices-for-securing-other-s-Dropbox/m-p/723134#M11088</link>
      <description>&lt;P&gt;Hi &lt;SPAN style="background: var(--ck-color-mention-background); color: var(--ck-color-mention-text);"&gt;&lt;a href="https://www.dropboxforum.com/t5/user/viewprofilepage/user-id/1758990"&gt;@Techyguy&lt;/a&gt;&lt;/SPAN&gt;, thanks for messaging the Community.&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;As DocuSign is a separate company, we wouldn't be able to advise on that matter?&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;Is it possible you're referring to HelloSign or Dropbox Sign?&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;This will help me to assist further!&lt;/P&gt;</description>
      <pubDate>Fri, 20 Oct 2023 14:06:30 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Integrations/What-are-best-practices-for-securing-other-s-Dropbox/m-p/723134#M11088</guid>
      <dc:creator>Jay</dc:creator>
      <dc:date>2023-10-20T14:06:30Z</dc:date>
    </item>
    <item>
      <title>Re: What are best practices for securing other's Dropbox</title>
      <link>https://www.dropboxforum.com/t5/Integrations/What-are-best-practices-for-securing-other-s-Dropbox/m-p/723137#M11092</link>
      <description>&lt;P&gt;Thank you Jay, I mistyped and corrected now.&amp;nbsp; I meant Dropbox, not DocuSign.&amp;nbsp; No eSign.&lt;/P&gt;</description>
      <pubDate>Fri, 20 Oct 2023 14:13:16 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Integrations/What-are-best-practices-for-securing-other-s-Dropbox/m-p/723137#M11092</guid>
      <dc:creator>Techyguy</dc:creator>
      <dc:date>2023-10-20T14:13:16Z</dc:date>
    </item>
    <item>
      <title>Re: What are best practices for securing other's Dropbox</title>
      <link>https://www.dropboxforum.com/t5/Integrations/What-are-best-practices-for-securing-other-s-Dropbox/m-p/723166#M11096</link>
      <description>&lt;P&gt;Thanks for the update, currently, there isn't a direct method to determine if another user is on a Dropbox Business team, in order to determine if they can share HIPAA data, if they have any two step authentication methods.&lt;/P&gt;</description>
      <pubDate>Fri, 20 Oct 2023 16:19:16 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Integrations/What-are-best-practices-for-securing-other-s-Dropbox/m-p/723166#M11096</guid>
      <dc:creator>Jay</dc:creator>
      <dc:date>2023-10-20T16:19:16Z</dc:date>
    </item>
  </channel>
</rss>

