Dropbox for Business sales push overshadowed by vulnerability

Last week, Dropbox wanted its news to be about its growing sales presence abroad — it’s expanding the partner channel for Dropbox for Business to the European Union, Canada, United Kingdom, Australia and New Zealand. But that plan went sideways when news surfaced (thanks to rival Intralinks) of a vulnerability in the way Dropbox handled live URLs.

In an email to reporters, an Intralinks spokeswoman said the issue surfaced in a “routine Google(s goog) Adwords campaign” when referral searches led to documents that contained personally identifiable information. This was because users went with a default public setting before sharing their documents.

tax image

Intralinks reportedly alerted Dropbox about this in November and was told it was not a huge deal. Last week, Dropbox issued a fix.

Companies that classify themselves as enterprise-grade file-share-and-sync providers (companies like, say, Intralinks) love to claim that consumer-oriented Dropbox isn’t ready for primetime, but to be fair, business-class software often suffers from vulnerabilities as well. Remember the massive Adobe(s adbe) Systems vulnerability affecting Flash, Acrobat, and Cold Fusion? Glass houses, people.

Still, the timing was awful for Dropbox which is trying to get a good chunk of its 250 million users to actually pay for Dropbox for Business, which starts at $795 per year for 5 users.

Meanwhile, Dropbox competitor Box managed a coup, announcing a huge deal with Fortune 100 stalwart General Electric, which will roll out Box file-share-collaboration to some 300,000 users. No terms were disclosed, but GE is a paying customer. Box acknowledged it took two years to get the deal done, showing that enterprise software deals can still take a long, long time.

For Box and Dropbox alike, it’s really hard to convert free users to paid customers. Bulking up channel presence is one thing. But reassuring CIOs and IT admins that a consumer-focused product has the built-in security and reliability expected by CIOs is another. Complicating matters is that industry giants Google and Microsoft(s msft) are going after the same customers with their own cloud storage and file-sharing products.

Adam Nelson, head of Dropbox’s channel partnerships, said Dropbox is an easy sale into businesses since most employees already use it and many consumers love the fact that Dropbox works pretty well with a variety of Apple(s aapl), Android and Windows devices. But Dropbox also has to get sign-off from risk-averse IT pros who don’t like to hear about product vulnerabilities.

Eucalyptus updates private cloud

Open-source cloud provider Eucalyptus’ new Eucalyptus 4.0 release wants to appeal to IT “ops” people as much as it does to developers, Eucalyptus CEO Martin Mickos said.  And it wants to support all the popular scale-out storage options, so now supports Riak CS cloud storage with Ceph support to come.

Eucalyptus touts itself as an Amazon(s amzn) Web Services-compatible private cloud infrastructure — not a bad place to be in a world where AWS dominates the public cloud market but many companies — especially those with strict regulatory requirements — remain anxious about a full public-cloud deployment model.

Mickos will also be on hand at Structure next month to talk about how its private-public cloud partnership with Amazon is going and it’s likely we’ll revisit the debate about how many private open-source cloud options — OpenStack? CloudStack? OpenNebula? Eucalyptus? — the world really needs going forward.

Eucalyptus 4.0 also lets customers run popular AWS services — EC2 compute and S3 storage– outside its own cloud controller which can ease bottlenecks.

Structure Show — HP launches an OpenStack of its own — and indemnifies it

If there was any doubt that cloud is now an enterprise deployment option, look at what HP(s hpq) just did — It announced “cap-less” indemnification of its cloud technologies. In theory, that means if a customer is sued over IP issues, HP will foot the bill. If you didn’t get why that was important, check out last week’s ruling in the Oracle v. Google lawsuit.

More cloud news

Major open-source cloud players prep for Structure debate and maybe a group hug

Four things to watch for at next week’s OpenStack Summit 

More shakeups at SAP as cloud head Price leaves the company