Dropbox
by Dropbox
FedRAMP Status
Not FedRAMP Authorized
Impact Level
N/A
Category
Cloud Storage
Overview
Dropbox is a widely used commercial cloud storage service. Its commercial version is not FedRAMP authorized and lacks the security controls required for CUI storage and sharing.
CUI Risk Assessment
Not FedRAMP authorized. Using this tool for CUI creates compliance violations under NIST 800-171 and DFARS 252.204-7012.
NIST 800-171 Violations
Using Dropbox for CUI without FedRAMP authorization may violate these NIST 800-171 controls:
FedRAMP Compliant Alternatives
Frequently Asked Questions
Is Dropbox FedRAMP authorized?
No. The commercial version of Dropbox does not hold FedRAMP authorization at any level.
Can I use Dropbox with CUI?
No. Storing CUI on Dropbox violates NIST 800-171 access control and system protection requirements. Use AWS GovCloud or Azure Government instead.
What is a compliant alternative to Dropbox?
AWS GovCloud and Microsoft Azure Government are FedRAMP High authorized cloud storage platforms for CUI.
Run a Full Tech Stack Audit
Check all your enterprise tools at once with our free CUI Compliance Auditor.
Launch CUI Auditor