This quick HOWTO is inspired by the trial-and-error learnings we've had at RevenueLoan over the last several months of getting into business. I'm using the example of a new company called, uncreatively, "NewCo." (If your business has an absurdly long name, pick a nice abbreviation with no spaces or punctuation, e.g. "Consolidated Anglo-Sudanese Hamstertraps Company, GmbH" => "cashco")
Use ONE Dropbox folder off of the root. Put everything of note into it. The first few folders will probably look like this:
Since the only people using it at this point are founders, don't worry about who-can-see-what. (DO, however, worry about general security; see below for "Paranoia.")
However, one VERY important thing should be settled here: who will "own" the Dropbox folder setup. In general, this should be someone very unlikely to leave. If you're a non-technical CEO, there may be a temptation to punt this to an early dev hire or such; I suggest you use this simple HOWTO to manage it yourself.
If you have significantly more than 2 founders, chances are you're doing it wrong ... but nonetheless, move on to II. below because you'll need to add some more structure soon.
Once you start actually hiring people, even contractors, you will want and need to keep certain things private. This is not just for Machiavellian reasons; it's a duty you owe people who must, by law, trust you with their personal information (like SSN, salary info, etc.).
The RIGHT WAY to do this is to create a new Dropbox folder off of the root, and call it "newco-everybody". (This creates a big screaming warning flag that "everybody" in the company can see this folder.)
Then, move ONLY those particular files and folders from your "newco" folder into the "newco-everybody" folder, which everybody (or nearly everybody) needs to see. These include:
The old "newco" folder is kept only accessible to executives. I recommend only the CEO and CFO, in an early company, plus maybe a trusted admin or bookkeeper. (Later, you might add a controller or inside counsel to this inner circle.) Obviously, at this point, you'll need to start choosing where new documents go. Our pattern has been to put the following ONLY in the executive / founder folder:
When you're comfortable with how this is all set up, there's one final important thing to do. Go onto the Dropbox site, and under the "Account Info" tab in "Account," sign up for "Packrat" unlimited undo history. (Unless you're planning on pulling a "full Enron" and being totally evil, I guarantee this feature will save your ass at some point. Once you become a big enough company to install real document management, you will have expensive laywers to tell you not to do this, and you should listen to them then.)
Dropbox has a great policy about disk use. You get a lot for free. But, their policy is subtlely nefarious, and you gotta love it: the free space limit applies to ALL the Dropbox folders on a given computer, and, you can only have ONE account per computer. This means that the moment your "newco-everybody" folder reaches the free-account limit, EVERYBODY in your company now has to sign up for the paid account.
Now, I'm all for paying for Dropbox when you need it. But, it's silly if you have 20 people and only 3 of them need the paid account, to shell out for everyone.
So, make a THIRD folder off of the Dropbox root, and call it "newco-giant" (or something). Chances are, unless you have a unique business model I haven't thought of, the only stuff going in here will be .MPEG files of video to be edited, or large backups, or disk ISO images etc. -- any of which are generally only used by a subset of your team (e.g., just the creatives, or just the IT ops guys). Hence, only those folks should need to pay.
With each partner or group of partners that you start working with on a particular project, create a "deal room" or "project" folder. You should be loathe to permit any non-employee or non-contractor to access the "everybody" folder.
V. When people must leave the firm.
Alas, all good (and not so good) things come to an end. So when a colleague leaves the company, it's important to remind them to voluntarily return all originals and destroy all copies; your NDAs and agreements with these folks should have such clauses included. However, you should also be sure to log into Dropbox, and for each "root" folder (e.g. "newco-everybody",) ensure that their access is removed and that they are *not* permitted to retain a copy.
(If you do want to leave employees with copies of certain information, make a non-Dropbox folder to put the files in, and give them that in a zipfile ... or in a dedicated, separate Dropbox folder ;)
Your mileage may vary, but I do recommend the following:
Comments welcome, of course.