Dropbox patches Heartbleed, opens Australian office

Dropbox has reiterated that it's 275 million users are safe from Heartbleed, following announcing the opening of its first Australian office in Sydney.

To ensure its servicing its four million plus Australian businesses, including 95 percent of the ASX 100 companies, Dropbox has announced the opening of its first Australian office in Sydney. 

Dropbox enterprise strategy vice president Ross Piper said the Sydney team will help bring culture and best practice to the country.

"Given the adoption amongst individuals and businesses, we wanted to build a team close our customers," he said today.

Atalassian, Macquarie Bank, and Mirvac are among a handful of Australian Dropbox customers that will be able to take advantage of this.

Heading the setup of the new office will be co-APAC and Japan leads Tony Huie and Oliver Jay.

Piper confirmed while the office opening will mean the company will be closer to its customers, all customer data will continue to be stored in its US datacentres, with no imminent plans to open a local data centre in Australia. But he reassured that the company is compliant with Australia's new privacy laws.

Piper defended the quiet way that Dropbox disclosed its vulnerability to Heartbleed last week, deciding not to email its users directly, and instead informing its 275 million users via a blog post.

He said while the company is using a version of OpenSSL encryption that was affected by Heartbleed, Dropbox has taken all the necessary precautions to patch its servers to address the problem.

"We notified all of our users that this had occurred and updated that we had patched our services through our blog, and have suggested that users change their passwords," he said.

"We also have Perfect Forward technology, so any of the vulnerabilities that were open don't go into past access. Any past access that a key might have had, it doesn't allow it to be re-used, and that's been one of the technologies that has protected a lot of users.

"But we did patch all of our services, we rotated all of our keys, all of our encryptions, every user-facing aspect of the service."

Further, Piper said Condoleezza Rice's appointment to the board does not change the company's privacy policy, despite recent criticisms.

"It doesn't change our privacy policy. Our reasons for bringing Dr Rice on board centres around her incredible experience managing very large scale organisations...as well as dealing with very highly-talented individuals, which suits our engineering culture very well," he said.

"We think we've built a pretty good and trusting relationship with our users, and we want to maintain that through everything. We've made the decision about Dr Rice based on the reasons that I've described, and we think it's still our responsibility to earn that trust every day and we will continue to do everything to create clearer transparency and conform to the privacy requirements of our users."

In conjunction with the opening of its Sydney office, the company has also announced the launch of Project Harmony, which has been designed to work with Microsoft Office Words, Excel, and Powerpoint.

It will enable users to have real-time conversations and synchronise updates to files, no matter which platform they're working on, said Piper.

Piper said there plans extend its core applications to synchronise with other platforms going forward.

The release of Project Harmony complements the company's Dropbox for Business tool, which was announced last week.

"Dropbox for Business marries the app people use on an individual basis with the controls, transparency, and governance that business and IT expect," Piper said.