Dropbox To Business: Never Mind The Breaches, Come Store Your Stuff With Us!

Dropbox is making a new push to win over business customers to its cloud-storage business. But its checkered history of security breaches may make it a tough sell in the enterprise.

Dropbox said Wednesday that it has added single sign-on (SSO) capabilities to its storage service, matching a capability that its chief rival, Box.net, has offered for some time. Dropbox also decided to rename its "Dropbox for Teams" business service "Dropbox for Business." The added feature and a name change may not seem like much to hang the new marketing push on, but Dropbox clearly has high hopes of making inroads in the enterprise.

With the SSO feature, companies can set up Dropbox so that employees who sign into their corporate account will also be signed into Dropbox, thus eliminating the need for a second login. The company said it's partnering with Ping Identity, Okta, OneLogin, Centrify, and Symplified. Ping Identity and Okta also provide SSO solutions to Box, which signed up with Ping Identity in 2011 to provide SSO capabilities via its PingFederate technology.

Dropbox doesn't just compete with Box.net, but SugarSync, Google Drive, Apple's iCloud, Microsoft's SkyDrive, and a host of smaller services. But it was Dropbox that Box CEO Aaron Levie skewered with an April Fool's Day prank. Why? Because Levie can see Dropbox in the rear-view mirror.

Dropbox's vast scale — it boasts 100 million users, with 600 million "work files" stored every work week, according to a spokeswoman — represents a threat. Dropbox counts users in 95 percent of Fortune 500 companies, according to Kevin Egan, the vice president of sales that Dropbox hired away from Salesforce.

Someone's Gotta Pay For All This

It's not clear how many of those people actually use Dropbox for business purposes — though it might not matter. Egan said that Dropbox's legacy in the consumer space — it has signed partnership agreements with both HTC and Samsung for free storage when customers buy the Samsung Galaxy S3 or HTC One, plus deals with Yahoo Mail and its purchase of Mailbox — means that consumers turn into evangelists when they enter the workplace.

"Millions of people have signed up using their work email address at Fortune 500 companies," Egan said. "And I think what we want to do is allow them to maintain the level of enthusiasm that they have, but embrace IT more, so they have 100 percent confidence that they have control and visibility."

The opportunity, of course, is that consumers are hooked on free; businesses aren't. Dropbox users can get up to 2 GB of storage for free, with up to 18 GB after various referrals and promotions. For Dropbox for Business/Teams, the price remains $125 per user, per year.

In 2012, however, co-founder Arash Ferdowsi told The Economist that only 4 percent of its users base were paying customers. That makes Dropbox look like the "we'll make it up on volume" strategy writ large — eventually someone's gotta pay, right? Attracting corporate customers helps make up for that.

Right now, Dropbox is asking what those corporate customers want. Tido Carriero, the lead engineer at Dropbox for Business, said future improvements could include things like making the Dropbox interface easier to use for large teams. "But for now, SSO is what they're shouting in our ear," he said.

Security Breaches Still Hurt

Unfortunately, what may be lurking in the back of some minds may be a pair of security lapses. In 2011, Dropbox accidentally pushed a code update that introduced a bug into the company's authentication mechanism, allowing third parties to log into user accounts and access files. Last year, hacks at other Web sites allowed attackers to penetrate accounts used by Dropbox employees, including a document from which they may have been able to harvest email addresses. In August, those email addresses were apparently used to send Dropbox users spam.

Since then, Dropbox has added two-factor authentication, as well as a recent administration console that can require two-factor authentication and monitor employee use, including restricting shared folders and links within the company. But Dropbox has been hurt by the lingering effects on its reputation.

"We haven't won deals — there have been deals that we have not won because of it," Egan said. "Sometimes it's just a matter of timing — explaining our security protocols better, sometimes it's a question of comfort with the business, and sometimes they're a couple of years away from embracing us. It's certainly hard to know what happened, but it's certainly top of mind for a lot of IT admins."

If Dropbox's strategy works, then its next target is government. Carriero said that the company is not FIPS certified. It's probably unlikely that the Pentagon would agree to use a cloud storage solution like Dropbox. A smaller county or town might end up using the service, though.

Storage has become a commodity. Box.net is attempting, through partnerships, to allow as many companies as possible to do stuff with that data. That adds value. Dropbox's purchase of Mailbox is headed in the right direction, but it still appears to be chasing Box, at least in the business space.

Lead image via Shutterstock