Last month cloud-storage company Dropbox learnt they were at serious risk of computer hacking and were victims of online data security breaches. Computer software scandals like RBS’s fiasco in July demonstrate the vulnerabilities and risks that exist even in some of our most important financial systems.
Clearly these problems are not limited to consumer-facing software but are present in vital systems within our economic infrastructure. There is growing reliance on the internet and this degree of dependency on the web and computers means businesses should take more responsibility for tightening up their data security and if needs be, should turn to new software solutions. The need for advanced software is only going to grow if we are to avoid regular IT disasters with huge financial ramifications.
Over the past couple of months numerous complaints have been made by Dropbox customers whose email addresses were inundated with spam. After a prolonged investigation, it came to light that the major disruption came about because an employee had simply used the same password for their Dropbox account as for their LinkedIn profile. Rogue marketers stole millions of LinkedIn passwords earlier this year, which meant all the data on that Dropbox account also became available to them.
The issue here is that customer data should have been better protected. Having admitted there were serious risks in their old system, they have only recently introduced two-factor authentication. It all seemed incredibly slow in the eyes of Dropbox users, many of whom have witnessed numerous publicly reported attacks on web services this year. The complexity of web-based data opens up many doors: a layered security approach is the right one.
Password authentication alone is not an effective approach to securing access to sensitive data, as login details could be easily stolen or compromised. There was clearly a lack of complexity in Dropbox’s authentication systems which made some passwords vulnerable. As well as encrypting passwords, what’s really required is multi-factor authentication, which adds a layer of protection: password identification has to be accompanied by token verification or other means, to ensure the utmost protection. The two-factor authentication Dropbox recently announced involves the usual login password in addition to a new factor, such as a temporary code sent to a phone, and will entail automated suspicious activity monitors. They also plan to give each user the power to monitor a feed of activity on their account to effectively police it themselves, just in case.
Consumer confidence takes a nosedive when scandals emerge such as unreliable IT systems and web services. The reputational damage is potentially detrimental for the business. Pressure is mounting for organisations to take greater responsibility for preventing data breaches. With more and more personal information being stored online or in the cloud, data integrity becomes an increasingly important asset for brands.
Data protection needs to be reassessed, and online companies such as Dropbox that want to succeed should be applying the highest security standards when handling information entrusted to them by their customers. Reactive measures to improve security after customers have been put at risk are no longer good enough, and companies that want to build loyal customer bases need to make security a top priority from the start.
Paul Hunt is managing director of Phoebus Software
When will people learn that NOTHING stored on a remote server is safe!?