Gartner’s Software Advice Names DropSecure a 2022 FrontRunner for File Sharing

Out of over 100 products evaluated by Gartner, DropSecure was named a leader in the 2022 File Sharing Software FrontRunners Quadrant, with customer ratings higher than some of the giants in the industry.

DropSecure was named a FrontRunner for File Sharing Software by Gartner’s Software Advice. The FrontRunners quadrant report analyses hundreds of products to help businesses determine suitable software for their needs.

DropSecure leads the File Sharing category with a customer rating of 4.96 out of 5 with perfect ratings for ease-of-use, functionality, customer support and value for money. DropSecure received customer ratings higher than some of the big players in the file sharing industry.

“We are happy to be recognized as a FrontRunner,” said Amish Gandhi, CEO of DropSecure. “FrontRunner award recognizes our high scores in usability and customer satisfaction. This recognition also proves how crucial data security is for businesses. We are thankful for the trust of our customers and all the positive reviews.”

The FrontRunners quadrant, powered by Gartner Methodology, provides a data-driven assessment of products in a particular software category to determine which ones offer the best capability and value for businesses. It is designed to assist small leaders in making a software purchase.

DropSecure invites you to check out our award-winning features, praised by Gartner’s review platforms Capterra and GetApp and experience our Free Trial or Book a Demo:

DropSecure Free Trial DropSecure Book a Demo

ABOUT DROPSECURE:

DropSecure is a cloud-based file transfer solution that utilizes military-grade encryption to ensure the privacy and safety of data being shared and stored. The platform is equipped with all the necessary tools to securely share files within and outside your organization. Keys for unlocking data are completely safe from unauthorized access because they are never shared with anyone, not even to DropSecure staff unless the sender explicitly chose to.

Website: www.dropsecure.com

Amish Gandhi, DropSecure: “as all the world’s information is being captured digitally, data has become the new gold”

Both companies and users are prone to experience data breaches and password leaks, making data exchanging a risky activity.

Falling victim to such cyber threats as data breaches can result in various consequences. While regular users may experience major financial losses, businesses may also end up ruining their brand’s reputation.

There are many ways in which users have an option to employ smart solutions, such as security tools or cloud technology. Moving your data to the cloud while keeping it safe and private could have major advantages.

We invited Amish Gandhi, the CEO of DropSecure – a file share platform with zero knowledge, end-to-end encryption – to talk with us about challenges users face regarding privacy and security in the Internet era and what’s on the line for data protection innovation.

How did DropSecure originate? What has your journey been like since?

Have you ever sent private information digitally? We all have. When I had a need to send my own financial documents for a mortgage application, I couldn’t find a single service that could encrypt and send documents safely. So I manually encrypted the data and sent it to my loan service provider. That was the inception of DropSecure.

If you look at the trajectory of privacy and security in the Internet era, it has been steadily going down. Almost all digital documents exchanged today are susceptible to leaks, not to mention that they are directly accessible by your Cloud Service Provider (CSP). Digital documents exchanged via services available today – like email and other popular file sharing providers are also not private. That means they’re accessible to anyone with the will to do so.

The solution to this is encryption. But what I did – manually encrypting data – is painful, even for people that know how to do it. And so DropSecure was born.

Founding DropSecure embarked me on a journey from Engineer to Engineer-Entrepreneur. Hearing customers say that “this is exactly what they were looking for,” makes me grateful and assured that we’re making a difference. At the same time, we have just begun our journey to bring more innovation in making data sharing seamless with the highest security available. We strive to enable customers with encryption they love to use, and that is what gets me excited every day.

Please tell us what you do. What is end-to-end encryption?

DropSecure is a private and secure document, and data exchange platform, where only the sender and intended recipients have access. No one else, including the CSP, has access to your information.

That’s the idea behind end-to-end encryption – ensuring full protection from third parties accessing the data while it’s transferred from one end system or device to another.

End-to-end encryption means the data is encrypted at the source (on the sender’s device) before it’s sent over the Internet, and the keys to decrypt the data are protected. That’s important because it means that the data can safely be stored anywhere since it’s encrypted and the keys to unlock the encryption are secured separately. This is what keeps data safe from hacks, leaks, or anyone trying to steal the information.

At DropSecure, we use multiple layers of key wrapping – the primary key used to encrypt the data is protected by a layer of secondary keys, so only the intended recipients have access to those keys. Even within DropSecure, we are unable to decrypt our client’s information. We accomplish this security primarily by employing a combination of symmetric and asymmetric cryptography. An interesting explanation of this technology can be found in our help & resources sections.

In your opinion, what types of organizations should be especially concerned about encrypting their data?

Well, the short answer is – every organization would benefit by providing encryption tools to their teams. Many companies provide security awareness training, recognizing that employees represent the frontline in protecting organizational and customer data. Enabling the workforce with end-to-end encryption tools is an essential part of operationalizing data security.

From a data privacy point of view, businesses around the world are increasingly required to comply with more stringent and more enforced data privacy regulations. The EU introduced the General Data Protection Regulation (GDPR) in 2018 followed by the California Consumer Privacy Act (CCPA) in 2020. Both regulations set new standards for data privacy, and the expectation is that similar regulations will soon protect the majority of the world’s population. Very likely, this could happen in just a couple of years. Some sectors, such as businesses servicing the government sector, already have requirements – and with more on the way, such as the CMMC here in the US, that require encrypting data and documents.

The truth is, nearly every business sends and receives information that no one else should gain access to, from trade secrets to customer information to financial documents. No business can hide from the gravity of losing control over sensitive data in a cybersecurity breach or violating increasingly mandatory privacy laws, both in terms of direct costs, as well as reputation damage. Encryption is the only way to protect your data today – even if systems are breached – the underlying data is not leaked.

Have you noticed any new rising threats as a result of the recent global events?

Unfortunately, as all the world’s information is being captured digitally, data has become the new gold. Everyone, from hackers to competitors and state actors are trying to get hold of valuable information available online. This means that the number of cyberattacks and breaches keep on rising. The most important threat right now is the ongoing war between the aggressor Russia and Ukraine. The threat is so high that President Biden had to issue a statement asking all domestic organizations to harden their security in an effort to strengthen our national resilience.

What measures do you think everyone should implement to be protected from these emerging threats?

Today’s emerging threats are not new as sensitive information is always at a risk of being stolen. To prevent such attacks, both companies and individuals need to have a basic security system. Here are some simple things to practice:

  • Make sure you choose a strong password and enable MFA.
  • Don’t click on emails that look suspicious or are from unknown recipients.
  • Avoid sending sensitive information via insecure channels.
  • Store your data on a cloud that always uses end-to-end encryption.
  • Don’t install any software on your device without verifying the creator.
  • Keep your software up to date.
  • Practice regular cybersecurity training.

Since DropSecure utilizes zero-knowledge end-to-end encryption, if you follow proper security hygiene, your data is at much less risk of getting stolen.

What are the main risks when it comes to handling data that hasn’t been encrypted?

Would you send your financial documents via a mail courier without sealing your envelope? Encrypting your data is similar to sealing your envelope, so no one else but only you and your intended recipients have access to it. Hence, data should never be handled without end-to-end encryption over the internet. As I mentioned earlier, we have taken a step back by sending data in plain text and that needs to change. DropSecure is one of the agents to make that change now.

In your opinion, what are some of the worst behaviors that can lead to both the company’s and their customer data being compromised?

Email is probably the most vulnerable and easily compromised medium these days. Using email to exchange sensitive information without any additional protection like end-to-end encryption is risky. When data is sent over email, most users don’t realize that the data not only lives in your recipients’ inbox forever, but also stays on recipients’ and senders’ email service provider’s cloud and sender’s sent folder forever. By sending one email that could contain SSN, payment information, etc, the data has proliferated to a multitude of places and is out of your control that you can never get back.

Talking about the future, what predictions do you have for the data security landscape for the upcoming years?

  • Security will become part of everything. Every digital initiative will need to take security considerations into account.
  • End-to-end encryption will become the only way to store and share documents – any documents, not just sensitive documents.
  • The awareness of the zero-knowledge concept will increase significantly, and more and more businesses, and individuals will embrace zero-knowledge solutions.

And finally, what does the future hold for DropSecure?

With the current growth trajectory, we would like to believe that DropSecure will be recognized as a market leader in the space of secure data storage and sharing space. We have ambitious plans, not only to expand our geographical reach but also to innovate and extend our product offerings while keeping the focus on the cybersecurity space. We believe that the next few years will be very exciting for DropSecure.

Why you should be ditching Dropbox

99.99% of digital documents exchanged today are susceptible to leaks and directly accessible by your Cloud Service Provider. Your documents are essentially available to anyone with the will, or want, to do so.

There’s a good way to stop this too – end-to-end encryption. Amish Gandhi, CEO of the secure file-sharing platform DropSecure, is on a mission to make data sharing privacy easily available to all. We spoke to him about how encryption works and why we shouldn’t be using Dropbox anymore.

What was the inspiration behind DropSecure?

I needed to send my own financial documents for a mortgage, but I couldn’t find a single service that could encrypt and send them safely. So, I manually encrypted the data myself and sent it to my loan service provider.

It’s a pretty painful process to encrypt documents manually, and not everyone has the knowhow on how to do it either. And so DropSecure was born, a service that helps individuals and businesses exchange documents and data privately and securely so only they and their intended recipients have access to their data.

Why is it important to encrypt the files you are sending?

There are two ways to exchange files: encrypted and unencrypted.

When you attach an unencrypted file, for example when sending via Gmail, your file contents are in clear text. This means if you send a mail to recipient on a different email service like Yahoo, now Yahoo will also have access to this document.

Unknowingly you have just increased the surface area for your data to be leaked. And since these documents stay on the cloud forever, whenever it is backed up by Google, this means they are forever vulnerable.

Encrypting a file means the actual contents are garbled with an external password. To decrypt the contents of the file, the password is required. If AES-256 encryption is used, it will take years for a super-computer to break that password.

It is the same technology used for cryptocurrency, and we’ve all seen the news stories about what happens when someone loses the key to their wallet – the currency is lost. Similar principle applies here, if the password is lost, no one can decrypt the data

DropSecure has ‘military-grade encryption’. What does this mean?

The US defense uses AES-256 based symmetric encryption to exchange all their data. But their systems are so complicated to setup that no one uses it.

At DropSecure we have bridged the gap between military-grade security and usability with our innovative key management system. This way everyone can benefit from the top-level security without needing the internal technical know-how on how it’s done.

DropSecure also uses ‘Zero Knowledge’ when transferring data. What does this mean? 

Even though we store the data and documents sent by our users, because of our end-to-end encryption we’ll never be able to see the contents of their data. DropSecure will always have ‘Zero Knowledge’. We even encrypt the file names. Essentially no one owns the keys to your documents apart from you, not even us.

Three reasons someone should choose DropSecure, over Dropbox?

There are lots! But here are our top three for starters:

  • Dropbox has many features, but the security is bolted-on, rather than in-built. So, Dropbox has complete access to all your documents and data, while DropSecure does not. If any breaches happened – like the recent Log4Shell attacks – your data will be safe. But if with Dropbox, it can be leaked.
  • By default, all shared links are public in Dropbox, which means anyone who can get hold of your shared link can see and share your documents.
  • Dropbox has no way for someone to send data securely without registering. But with DropSecure every user gets their own `My DropSecure Link` that they can use to receive documents with end-to-end encryption from anyone.

Should individuals, as well as businesses, be encrypting their files?

We believe that privacy is a fundamental right. Be it for government, company or an individual.  From that perspective, everybody should take every effort to protect their privacy.

Awards and Achievements