Share this content
0
1778

Views on dropbox

Is dropbox secure or should files be password protected

hi

With the advent of GDPR I am trying to get to grips with what is going to be required. My question is does anyone have any views / knowledge on whether PDF files of SA calculations (for example) should be held in a dropbox file for clients to review and if so should they be further password protected.

thanks

Replies

Please login or register to join the discussion.

avatar
18th Oct 2017 21:37

I use Boxcryptor on the Dropbox drive. Hopefully (in theory) all that is on Dropbox's servers is a load of nonsense. [insert joke about my work! :) ]

You can't trust any service with your actual data. Computer people don't understand "silos" and privacy. They think everything you do with your computer and all client data is up for grabs and auto-tweeting to the world.

Thanks (3)
20th Oct 2017 11:26

I'm at a very early stage of reviewing and considering the same thing too.

I posed a question to the panel on the Practice Excellence GPDR seminar on Monday this week. They said, as I'd expected, that sending non-password protected attachment to emails is not a good thing, even under DPA 1998. Emailing a non-password protected link to a DropBox, GDrive or OneDrive is as bad.

You may wish to consider https://www.theclientspace.com/. I still want to 'play' and test it for a couple of weeks. Not used it yet.

I think that you'd require the 'Extreme' for more than 20 (i.e. Unlimited active clients). It's only £240 pa. It certainly looks a professional system. Appears to be owned by Wolters Klower (part of the CCH brand). I'd seem a few of the larger independent firms in Leeds using it directly from their websites.

Has anyone any experience of theclientspace.com?

Does anyone else use any secure system for transfer of ad-hoc files e.g. a Tax Return / Accounts once a year. I do not want a complex system like the CCH Portal.

Thanks (0)
avatar
to paulinleeds
20th Oct 2017 13:40

paulinleeds wrote:

You may wish to consider https://www.theclientspace.com/. I still want to 'play' and test it for a couple of weeks. Not used it yet.

I think that you'd require the 'Extreme' for more than 20 (i.e. Unlimited active clients). It's only £240 pa. It certainly looks a professional system. Appears to be owned by Wolters Klower (part of the CCH brand). I'd seem a few of the larger independent firms in Leeds using it directly from their websites.

Has anyone any experience of theclientspace.com?

Does anyone else use any secure system for transfer of ad-hoc files e.g. a Tax Return / Accounts once a year. I do not want a complex system like the CCH Portal.

The Client space is not connected to Walters Klower, it's owned by a Company called Concepcion Design. I like the look of it though, and will have a play with it. Re your last paragraph, why not use the client space as well? Obviously depends on how easy it is to configure/play with, but if you are going to use it for other clients, it makes sense in my opinion.

Thanks (0)
to legerman
21st Oct 2017 13:18

Thank you 'legerman'.

I agree with what you say regarding https://www.theclientspace.com/ and Wolters Kluwer (part of the CCH brand). I was mistaking the CCH portal that uses the UK domain www.clientspace.co.uk.

theclientspace.com is very easy to use (I had a play yesterday afternoon) and fairly cheap. It appears that it is owned and run by an American guy (via by a web design company called Concepcion Design) and an assistant. I've emailed him. It started in 2011.

Data is based in the US. He says that it has 99.99% uptime and the data is secure. I think from GDPR that having data outside the EU courses issues though. Any comments on this?

theclientspace.com may not be perfect, but it is substantially better then emailing PDFs (password protected or not).

I think that we all have to balance data security with practical use by clients. Sending a single tax return or draft/final accounts once a year (or so) to a client portal in the cloud must be simple for them to download, review and comment on. It's great having all this security but if you cannot get your clients to open and review the uploaded documents then its not much use.

Thanks (0)
avatar
to paulinleeds
23rd Oct 2017 16:37

paulinleeds wrote:

Data is based in the US. He says that it has 99.99% uptime and the data is secure. I think from GDPR that having data outside the EU courses issues though. Any comments on this?

theclientspace.com may not be perfect, but it is substantially better then emailing PDFs (password protected or not).

I think that we all have to balance data security with practical use by clients. Sending a single tax return or draft/final accounts once a year (or so) to a client portal in the cloud must be simple for them to download, review and comment on. It's great having all this security but if you cannot get your clients to open and review the uploaded documents then its not much use.

Interesting on data stored in the US, guidelines say it depends whether that data can be snooped on (safe harbour?) But what about dropbox and onedrive (where I currently store my data) Are these not in the US too?

Agree with everything else you wrote.

Thanks (0)
avatar
By gphemy
20th Oct 2017 12:41

I cannot offer any comment on Dropbox security, but I will suggest that you do not rely on Acrobat password protection. Simply Google "Unlock PDF documents" to see what is available!

Consider file encryption using PGP, although it would require some effort on the client's side.

Thanks (0)
avatar
20th Oct 2017 15:22

I was thinking of using Protonmail to send encrypted files to clients as it seems really easy to use for both us and the client - no need for client portals etc.

https://protonmail.com

Would be interested to hear if anyone has tried this.

Thanks (0)
21st Oct 2017 20:34

Hi there, if you moved to Microsoft 365 you could store all your data in an encrypted format both in the cloud, on your computer and when you send email. We are doing this for clients currently. Take a look this link https://www.microsoft.com/en-us/TrustCenter/Privacy/gdpr/default.aspx

Thanks (0)
Share this content