Dropbox announced today it will acquire DocSend, a secure document sharing and analytics company with over 17,000 customers, for $165 million (£118 million).

Organisations that use Dropbox will now be able to use Docsend to deliver proposals and track engagement. Through this service, users can share documents easily and securely and customise who has access to them. 

Dropbox co-founder and CEO Drew Houston said that the plan is to package together Dropbox, DocSend, and HelloSign – which Dropbox bought for $230m in 2019 – as an “end-to-end suite” of products spanning collaboration, sharing, and e-signatures. 

“DocSend is a perfect complement to our product roadmap and we’re thrilled to welcome them to our team,” Houston said.

“By bringing Dropbox, HelloSign, and DocSend together, we’ll be able to offer a full suite of secure, self-serve products to help them manage critical document workflows from start to finish.”

Russ Heddleston, DocSend co-founder and CEO,  had interned at Dropbox over a decade ago before their paths crossed again in 2019 when the two companies became extension partners.

Heddlestone said: “As we’ve grown, we’ve realized that the ability to securely share content and engage with documents after they are sent offers powerful benefits to a variety of customer segments.

“By joining Dropbox, we’ll be able to rapidly scale, bringing our vision and capabilities to the hundreds of millions of people around the world who already trust Dropbox with their most important content.”

This is the first acquisition the company has announced since declaring its shift to a remote working strategy. It had reported a “one-off” loss of $398.2 million in its fourth-quarter report last year as the company made a decision to sublease most of its office space.

Following that decision, Dropbox announced on Monday that the building it was leasing as its headquarters in San Francisco would be sold for $1.08 billion. According to Kilroy Realty Corporation, its owner, this was a new high in the San Francisco commercial real estate market, as reported by Yahoo! Finance.

Dropbox announced today it will acquire DocSend, a secure document sharing and analytics company with over 17,000 customers, for $165 million (£118 million).

Organisations that use Dropbox will now be able to use Docsend to deliver proposals and track engagement. Through this service, users can share documents easily and securely and customise who has access to them. 

Dropbox co-founder and CEO Drew Houston said that the plan is to package together Dropbox, DocSend, and HelloSign – which Dropbox bought for $230m in 2019 – as an “end-to-end suite” of products spanning collaboration, sharing, and e-signatures. 

“DocSend is a perfect complement to our product roadmap and we’re thrilled to welcome them to our team,” Houston said.

“By bringing Dropbox, HelloSign, and DocSend together, we’ll be able to offer a full suite of secure, self-serve products to help them manage critical document workflows from start to finish.”

Russ Heddleston, DocSend co-founder and CEO,  had interned at Dropbox over a decade ago before their paths crossed again in 2019 when the two companies became extension partners.

Heddlestone said: “As we’ve grown, we’ve realized that the ability to securely share content and engage with documents after they are sent offers powerful benefits to a variety of customer segments.

“By joining Dropbox, we’ll be able to rapidly scale, bringing our vision and capabilities to the hundreds of millions of people around the world who already trust Dropbox with their most important content.”

This is the first acquisition the company has announced since declaring its shift to a remote working strategy. It had reported a “one-off” loss of $398.2 million in its fourth-quarter report last year as the company made a decision to sublease most of its office space.

Following that decision, Dropbox announced on Monday that the building it was leasing as its headquarters in San Francisco would be sold for $1.08 billion. According to Kilroy Realty Corporation, its owner, this was a new high in the San Francisco commercial real estate market, as reported by Yahoo! Finance.

Intel has announced it is working with the Defense Advanced Research Projects Agency (DARPA) to help develop the ‘holy grail’ of encryption.

Intel and DARPA, a research and development US government agency, will work together to develop an accelerator for fully homomorphic encryption (FHE).

FHE is essentially encryption that allows users to perform calculations on encrypted data without decrypting it first, reducing the risk of the information being stolen when in a vulnerable state.

Intel will perform in DARPA’s Data Protection in Virtual Environments (DPRIVE) programme which aims to develop FHE. The organisation will work alongside Microsoft who will lead the commercial adoption of the technology once it has been tested in its cloud offerings, including Microsoft Azure and the JEDI cloud, with the US government.

Rosario Cammarota, principal engineer at Intel Labs and the principal investigator as part of the DARPA DPRIVE programme said: “Fully homomorphic encryption remains the holy grail in the quest to keep data secure while in use. 

“Despite strong advances in trusted execution environments and other confidential computing technologies to protect data while at rest and in transit, data is unencrypted during computation, opening the possibility of potential attacks at this stage. This frequently inhibits our ability to fully share and extract the maximum value out of data.”

According to Intel, many businesses rely on a variety of data encryption methods to protect their information while it is in transit, in use and at rest. These techniques mean that data must be decrypted for processing and during this state it can be vulnerable for misuse.

With FHE, it aims to allow users to compute on always-encrypted data, or cryptograms, which means the data doesn’t need to be decrypted and reduces the risk of potential threats. This will help organisations to use large datasets in techniques like machine learning while protecting the data.

Intel isn’t the only company looking at this technology, as last year IBM released a toolkit to allow macOS and iOS developers to utilise FHE while building apps. FHE was first discovered over a decade ago by IBM researcher Craig Gentry.

Multi-cloud environments have evolved over the years and as the digital landscape has changed, so too have enterprises.

This new way of managing online services has provided a number of benefits for many organisations. Using more than one cloud provider allows businesses greater flexibility in how they set up their digital environment as well as giving them the option to select the services and capabilities that best fit their needs.

By mixing and matching services from different providers, businesses can provide a better service to their customers and ensure they stay competitive in an ever-changing market.

However, with this new form of data management and sharing, there are always new challenges to keep in mind. If an organisation does choose to have a multi-cloud deployment, it must ensure it’s safe and secure.

According to IBM, 85% of organisations operate in a multi-cloud environment, so it’s paramount that security considerations are taken into account and the right controls are in place.

The challenges

Utilising a multi-cloud deployment comes with its own set of challenges. Storing data in multiple cloud platforms means there is a large environment to secure and different security issues to tackle from one provider to the next.

It’s useful to synchronise security policies across the different vendors that host the data so the policies are consistent across the board. Businesses also need to have complete visibility across all products, which can be complicated if they all have different security features. 

In addition, if businesses can’t monitor the whole scope of their deployments it may give attackers more space to attack or infiltrate them.

With this in mind, the security tools need to be able to view and share information across all deployments to reduce the complexity and increase efficiency. It’s also extremely important to maintain data compliance rules and have uninterrupted protection among the workloads at all times.

Identity and access management

One way of securing your multi-cloud deployment is through identity and access management (IAM). This helps to keep track of users and control access to certain data and services. It also makes life easier for IT managers to control user access to specific information across an organisation.

It essentially enables IT managers to allow users to access specific online resources like networks, storage systems, devices and more. it’s central to any directory service and helps strengthen the security of a deployment. 

Thanks to the wide variety of IT resources available, it has never been more important to have competent user management in a multi-cloud deployment to ensure the right people are accessing the right materials. Plus, by having greater control of user access, companies are able to operate more efficiently as many processes are automated instead of having to manually manage access to networks.

Regulations like GDPR also mean there is increased pressure to monitor and protect access to certain sensitive data. IAM is a great way to manage this risk and relatively low cost, meaning it’is accessible to companies of all sizes.

Identity as a service

When using IAM in the cloud, it can be complemented by using identity as a service (IDaaS) usually carried out by a third-party service provider. 

By opting to use these kinds of third party solutions, enterprises are able to manage security risks and meet legal requirements with a service that can be scaled fairly simply and extensively if needed.

IDaaS has a number of core features which are common across many providers:

Multi-factor authentication

Multi-factor authentication (MFA), also known as two-factor authentication, is a way of confirming a user’s identity by requiring two or more verification factors to gain access to an online resource. It’s more secure than just having a username or password as it requires extra identifying information.

Users must have a combination of a password and something in their physical possession like a mobile phone, token keyring, or a form of biometric technology in order to gain access to an online resource.

This is a core component of IAM and helps decrease the risk of successful cyber attacks and is essential for multi-cloud deployments.

Biometrics

Biometrics uses a person’s physical attributes for identity confirmation. The most common real-world examples of this would be fingerprint unlocking on smartphones and laptops, as well as facial recognition tech like Apple’s FaceID. This also applies to retina recognition, full facial recognition, hand or even DNA usage.

This gives your deployment additional security as a user has to be physically present to gain access to the system using their biometrics and underlines the reliability of this form of authentication as it’s based on unique data.

Single Sign-On (SSO)

Single sign-on (SSO) allows users to log into one application and then be given access to other designated applications. It helps provide a seamless experience to users as they don’t have to constantly log into different services or applications and reduces the friction involved.

An example of this is Google services where by signing into your Google account you can then access Gmail, Youtube, Drive and more without having to sign in each time.

If a cloud deployment is located on different platforms, it will help users if they don’t have to use too many usernames and passwords to access certain services. By having SSO, username and password sprawl can be reduced while improving the security at the same time. As it’s harder for credentials to be compromised, there will be less of a need for multiple usernames and passwords across the services a business provides.

Making the right choice

The way businesses choose to secure their multi-cloud deployments will vary depending on how the organisation’s environment is set out and who should be able to access different parts of it.

Having the right tools in place ensures the correct security is implemented within an organisation with multiple cloud platforms. Plus, it’s a good way to reduce complexity across a deployment and by centralising the security, businesses can ensure employees or users only have access to the information they are supposed to and respect data compliance rules.