Dropbox

From Max's Wiki
Revision as of 19:07, 11 May 2017 by Max (talk | contribs)
Jump to navigation Jump to search

Setting up the Team

Understanding the Dropbox Client

Latest Release Notes can be found at dropbox.com/release_notes

Commonly Asked Questions

Dropbox Support Help What do these icons mean?

The following can stop a network connection to Dropbox by any of the following:

  1. Firewalls
  2. Proxies
  3. ISP or IT Policies
  4. Antivirus Applications

Installing the client

Windows

  1. Meta Installer pulls another executable to auto start installation
  2. Enterprise Installer
    1. Manual Installation (Requires local admin permissions)
    2. Remote Deployment (SCCM/GPO) Maybe PSTools?

Windows Enterprise CLI Installer

/s:
Silent Installation.
Dropbox login prompt will launch upon successful installation.

/nolaunch:
Silent Installation.
No Dropbox login prompt.
Dropbox icon added to Start Menu.

More information about deploying with CLI can be found here The enterprise installer: deploy Dropbox Business for your entire team

macOS

  1. Contents are extracted from DMG and manually copied to the Applications folder
  2. Manual Installation (Requires local admin permissions)
  3. Remote Deployment (Casper Suite, Apple Remote Desktop)

macOS Installer Options

  1. Dropbox does not have a .pkg installer for macOS
  2. There are several options for creating .pkg files
    1. AutoPkgr (Familiarity of commandline)
    2. Composer (Included with jamf's Casper Suite)
    3. Packages or Iceberg (s.sudre/free/fr)
  3. Using .pkg files requires admin rights for installation

macOS Installation Option

  1. End User Full Install - Users admins their own Mac
    1. Downloads Dropbox installer to machine
    2. Use Remote Management software to copy to end user machines
    3. User starts setup and enters admin credentials
  1. End User Partial Install - No Remote Management Software installed, and users are not admins of the machine
    1. User downloads Dropbox from web or Network Share
    2. IT enters in admin credentials

Linux

  1. Manual installation (Requires local admin permissions)
  2. Standard Installer Package
  3. Download and install from Source Code

Client Download

The latest stable build can be downloaded from: 

dropbox.com/download
dropbox.com/downloading
dropbox.com/install

Things to note:

  • Beta builds are odd-numbered
  • The Dropbox website auto-detects the OS and downloads the correct installer

Client Update

Windows - dropboxupdate
Two Windows scheduled tasks make calls to DropboxUpdate.exe.
 DropboxUpdateTaskMachineCore - Picks up core engine (Latest client)
 DropboxUpdateTaskMachineUA - Picks up remaining changes (Any changes to files/folders)
macOS - DropboxMacUpdate
  • Checks for new versions every hour
  • Requires an internet connection and will prompt for a manual upgrade if there hasn't been an update within 7 days

Managing Sharing

Folders

  1. Each team member has their own private work space in Dropbox
  2. Everything stored in Dropbox is private by default
  3. When work is ready, members can invite collaborators to shared files/folders, or send links to their work

Shared Permissions

  1. Anyone can create a share file/folder
    1. These are created by sending invitations
    2. Once a user accepts the invitation, the shared file/folder appears inside their Dropbox folder and it's contents automatically sync.
  2. Admins (Any member of a Dropbox Business Team), can only access files/folders to which they've been invited to.
  1. Owner: Can change view/edit permissions, Invite additional people, Transfer ownership to someone else. This is the default role for whoever initially shares a folder.
  2. Editor: Add/Edit/Delete files in the folder just like an owner. If the owner allows it, editors can also invite people to the folder, remove other members from the folder, and change the roles of other members. Editor is the default setting for the people you invite.
  3. Viewer (Lock Icon): Can’t Add/Edit/Delete files in the folder.

More information can be found here: Shared folders: Give people edit access to your files

Shared Links

  1. Shared links let you send files to others even though they don't have a Dropbox account
  2. You can share files/folders of any size with shared links
  3. You can limit who can access a shared link by setting a password/expiration date
  4. Admins can set team-wide default access settings for newly shared links
  5. Admins can remove links shared by team members

In a nutshell:

  1. Dynamic links - Always points to the most current version. No need for re-linking an edited file.
  2. No file-size limit
  3. Password/Expiration Dates
  4. Access Control - Can be limited to only team members

File Requests

  1. Get files from anyone with a Dropbox account or not
    1. Submitters can send files up to 2GB (Basic account) or 10GB (on Pro or Business accounts)
    2. Uploads via web browser are limited to 20GB
    3. Uploaded files must fit within the size of your Dropbox account's storage quota
  2. Organize everything in one place
  3. Keeps files private - Dedicate an upload folder for uploads

Dropbox Admins (Manage File Requests):

  1. View team's file request activity in Activity section of the Admin Console
  2. Turn off file requests for the team in the Settings section of the Admin Console
    1. File Requests are on by default for the team. If turned off, any preexisting file requests will be deactivated.

Configuring Security

  1. Dropbox manages keys to remove complexity, support advanced product features and enable "strong" cryptographic control
  2. Files stored are encrypted using 256-bit AES
  3. Files in transit are encrypted using SSL/TLS (128-Bit or Higher tunnel)
  4. Pinning - Security check each time you use the Mobile/Desktop Client
  5. Endpoints use private SSL keys
  6. HSTS

What happens when my file is uploaded?

Storage locations: Magic Pocket - Dropbox Datacenter or AWS (Depending on location)

  1. A file is divied into 4MB chunks, each with it's own unique identifier
  2. Allows Dropbox to upload only the parts of the file that's been changed (Delta Sync)
  3. File chucks are encrypted before they're stored
  4. Dropbox manages access to Amazon and their own Datacenter separately
    1. Employees only have access to locations they manage

2FA

  1. Adds extra layer of security
  2. In addition to a Username/Pass, team members have an extra authentication step when signing in or linking new devices. (6-Digit security code available only on their mobile phone via Authentication App or SMS)
  3. Team admins can require that team members use 2FA. (All members or select members)
    1. New members will be prompted to setup upon the account creation process
    2. Existing members will be prompted to setup upon the next time they sign-in

Remote Wipe

  1. Lost Devices or removing a team member
  2. Once un-linked, you can select remote wipe to immediately stop sync
  3. Dropbox will attempt to delete the entire work once the device is online and Dropbox app is running
  4. Dropbox is always remotely wiped when you un-link a device

Remote Wipe Statues

  1. Pending: The device has not come back online/the Dropbox application is not running
  2. In Progress: Dropbox has connected with the device and the Dropbox Business folder is currently in the process of being deleted.
  3. Succeeded: The entire Dropbox Business folder was deleted from the device.
  4. Failed: If Dropbox was unable to delete any file withing the Dropbox Business folder, we'll provide a report that includes the name of each file that couldn't be deleted and the error for why.

Permanent File Deletions

  1. The user who uploads a file, or the owner of a shared folder, has the ability to permanently delete files.
#The team admin of a Dropbox Business account can limit the ability to permanently delete files to team admins only.

Device Approvals

Limited to Advanced, Education, and Enterprise Plans

  1. Manage the devices that team members use to access their Dropbox Business accounts
  2. Limit the number of connected mobile/desktop devices
  3. Decide what should happen to connected devices

Disconnect Approved Devices

  1. Remove the Device - When a team member disconnects their own device, it counts as a device removal and allows to connect a new device.
  2. Keep the device approved - A team member can disconnect their own device, but the device counts towards their device limit unless an admin removes the device.

Exceeding the approved device limit

  1. Remove all devices - When a team member is over the limit when you enable device approvals, all their devices are disconnected.
  2. Remove oldest devices - The most recently used devices remain connected. Older devices are removed, leaving the team member with the approved number of devices.
  3. Add team members to the exceptions list - Members on the exception list can continue using as many devices as they need.

Visibility and Control

Tracking Team Activity: A bird's eye view of team activity such as Login Activity, Password Changes, Recent Sharing Activity, and Newly Linked Devices.

  1. Generate a full report of activity for a specific period
    1. Shows name of user taking the action
    2. IP Address of the device where the action originated
    3. General time when the action occurred
  2. Use the drop-down menu to filter the list by a specific type of activity

Activity Log

Records the following:

  1. Sharing: Someone participates in a sharing event
  2. Passwords: User changes their password or 2FA settings
  3. Logins: A team member signs in or fails to sign into the Dropbox website
  4. Admin actions: You or another admin changes settings in the Admin Console
  5. Apps: A user links a 3rd Party App to their account
  6. Devices: A user links a Computer/Mobile Device to their account
  7. Membership: Someone joins the team or is removed from the team

Advanced/Enterprise Plans: Show shared file events, such as file/folder deletions

Retrieved from "http://manaiakalani.info/wiki/index.php?title=Dropbox&oldid=224"