Dropbox for Business controls audited: SOC 2 & SOC 3 reports now available

Last month, we let you know that the Dropbox for Business Level 1 Self-Assessment is now available on the Cloud Security Alliance’s Security, Trust, and Assurance Registry (CSA STAR). Today, we’re happy to announce that Dropbox for Business has reached two more assurance and compliance milestones — the security and confidentiality industry standards known as SOC 2 and SOC 3:

  • An updated Service Organization Controls 2 (SOC 2) report covering the Security and Confidentiality Trust Services Principles is now available for potential and current Dropbox for Business customers upon request by emailing sales@dropbox.com or your account manager. Previous reports have been available since October 2013.

  • A Service Organization Controls 3 (SOC 3) report covering the Security and Confidentiality Trust Services Principles is now publicly available here.

Dropbox for Business SOC 2

Dropbox for Business SOC 3

Each of these reports are granted only after independent auditors have tested our controls and found that they operate effectively and meet the Trust Services Principles.

Trust and security are two of our highest priorities. We’ll continue to work on broadening the scope of the certifications and assurances we offer to Dropbox for Business customers in the coming months. Stay tuned!

To read more about Dropbox for Business security, visit the resources section of our website.