Dropbox for Business scores another security certification

Dropbox has been issued the ISO 27001 certificate, which includes the 2013 revision of the standard that has been updated with cloud services in mind.

Dropbox has announced the addition of ISO 27001 certification to its growing list of compliances for Dropbox for Business.

The ISO 27001 certificate (PDF) has been issued by an independent third party in the Netherlands, and is recognised in all countries with IAF membership, including Australia and New Zealand. It validates the company's approach to maintain security, confidentiality, integrity, and availability of data.

According to Dropbox, it's among the first in the industry to be certified using the 2013 revision of the standard, which has been updated with cloud services in mind.

"Achieving ISO 27001 certification signifies that we've demonstrated our promise to continually improve the security of your data under the ISO/IEC 27001:2013 standard," the company wrote on its blog.

"You can trust that the information security management program we've built is top notch — it's designed and tested based on the framework in this standard, which is the most widely accepted of its kind globally."

In July, the company announced that it was further enhancing the security features of Dropbox for Business by improving the sharing permission of links by adding password protection and expiration to ensure that the links do not stay active forever. These links are often shared via email to other users who do not have a Dropbox account.

There's also a read-only shared folders function, where administrators will be able to control who can view and edit contents, or only be able to view them.

Ilya Fushman, Dropbox for Business head of product, told ZDNet at the time that the main objectives were making sure that employees are productive, and ensuring their data is safe and secure.

Earlier this month, an unnamed hacker group claimed that it had accessed around 6,937,081 Dropbox accounts . Dropbox issued a statement soon afterwards disputing the group's claims, however.

"These usernames and passwords were unfortunately stolen from other services and used in attempts to log in to Dropbox accounts," the company said.

"We'd previously detected these attacks, and the vast majority of the passwords posted have been expired for some time now. All other remaining passwords have been expired as well."

Former government contractor Edward Snowden has previously accused Dropbox of being hostile to privacy , warning users to be more privacy conscious when it comes to online cloud storage, particularly since Condoleezza Rice was recently appointed to the company's board.

Ross Piper, Dropbox enterprise strategy vice president, has previously defended the company's decision to hire Rice , and said the company's privacy policy remains unchanged.

"It doesn't change our privacy policy. Our reasons for bringing Dr Rice on board centres around her incredible experience managing very large-scale organisations ... as well as dealing with very highly talented individuals, which suits our engineering culture very well," he said.