These past few months have involved many changes. One of them has to do with how we work. Teleworking is more widespread than ever, and this means that we must be much more careful than usual when handling our data. We refer not only to personal data but also to the different files we manage. These can be reports, balance sheets, presentations and other documents of a delicate nature. OneDrive from Microsoft is one of the most reliable document management solutions. However, what can you do to use OneDrive more safely?
This Microsoft solution is one of the most popular in both business and individual environments. If you are a Microsoft user, it integrates easily with the other tools in the Office suite. In this way, you have a unified, organized digital work environment, with the possibility of automating repetitive tasks. Although there are free versions, there are also paid OneDrive plans that are combined with Microsoft 365:
- 100GB of OneDrive storage only: € 2 per month
- Office 365 Personal: 1TB of storage on OneDrive and includes Office for PC and Mac (Word, Excel, PowerPoint and Outlook) for a price of € 69 per year or € 7 per month.
- Office 365 Home: 6TB of storage on OneDrive and includes Office for PC and Mac (Word, Excel, PowerPoint and Outlook). It allows you to add a total of 6 people to this account, and the price is € 99 per year or € 10 per month.
However, there are certain security and protection measures that we must apply. Otherwise, we could expose personal data and everything else that is sensitive. Exposing this data can lead to ransomware attacks, data loss and theft, and violations of organizational, local, regional or international compliance regulations.
One very important detail to keep in mind is that OneDrive is a cloud storage management solution. It is not a solution that creates and manages backups. This is a critical distinction that we should not lose sight of. So all data that is stored in OneDrive will be accessible whenever we need it, but it will not be protected at all.
Security considerations for OneDrive
Let’s start with an apparently innocent action that could expose your personal files to unwanted recipients: sharing files from the OneDrive tool itself. Something that confuses users of this solution is who will be able to access certain folders and files once they are available in the cloud.
As long as you save files in the folders that correspond to personal accounts and/or that are outside the “Shared with me” folder, only you can see them, unless you decide to change your privacy settings yourself.
What does this mean? No other user within the organization will be able to see the content of your personal OneDrive account. However, whoever manages the Microsoft accounts and services will be able to do so.
A question many users ask is: can very private and personal documents be stored in OneDrive? The answer is: you can, but you shouldn’t.
Documentation containing personal, health, banking, financial and similar data should not be kept in this storage solution. Fortunately, individual OneDrive accounts have a section called Personal Vault. It is like an extremely secure safe where you can keep documents with more sensitive and delicate content. So, if you have a large number of personal documents that you need to digitize, you could choose Personal Vault instead of the account that corresponds to your work environment, or your only personal account.
The files in that special folder have additional encryption. In addition, verification mechanisms must be configured to ensure that the person responsible for the documents is the one who is actually accessing them. You can choose a verification code sent by SMS or email, facial recognition or a fingerprint. In the event of inactivity within this folder, the session will be closed after 3 minutes if you are on mobile and after 20 minutes if you access it from the web.
Personal Vault is currently not available for OneDrive for Business.
Should I use OneDrive for backups?
No. It is important to note that this solution does not create or manage backups. Also, we must not forget that there are important differences between cloud storage and cloud backups. Although they have points in common such as the use of hardware that is located remotely, these differences are essential when choosing one or another type of solution.
On the one hand, cloud storage allows you to host your files of choice for quick and convenient access from any authorized device. If you work from offices in different cities or countries, or if you manage multiple devices for both personal and work use, OneDrive as such will be very convenient for you. On the other hand, you can restore your files if, for example, you accidentally delete one from your computer. You can even acquire more storage according to your needs.
Now, restoring files from a cloud service is not the same as restoring files from a backup. If, for example, you delete a file that is synced in OneDrive or if it is hit by ransomware, the file will be lost. Likewise, if the files were not synchronized and copies were simply uploaded to the cloud, restoring large volumes of files from a storage solution will be practically unfeasible. Backup creation and management solutions are designed for ‘disaster’ situations, where both individual and corporate users will be able to recover their files from the backup they created.
There are solutions like Duplicati (especially for individual users) that allow the management of multiple backups. This means that you can version each copy and, as the case requires, easily restore the copy you need.
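The difference between a synced copy and a versioned backup, described above, shown as an added example (not code from the original article, and not how OneDrive or Duplicati are implemented). `mirror_sync` is an assumed, simplified one-way mirror; `snapshot` and `restore` are a hypothetical minimal versioned backup; the files are constructed samples.

```python
import hashlib, json, shutil, tempfile
from pathlib import Path

def mirror_sync(src: Path, dst: Path) -> None:
    """Simplified one-way mirror (assumption): dst always becomes a copy of src."""
    if dst.exists():
        shutil.rmtree(dst)
    shutil.copytree(src, dst)

def snapshot(src: Path, repo: Path) -> str:
    """Versioned backup: content-addressed blobs plus one manifest per snapshot."""
    (repo / "blobs").mkdir(parents=True, exist_ok=True)
    manifest = {}
    for f in sorted(p for p in src.rglob("*") if p.is_file()):
        data = f.read_bytes()
        digest = hashlib.sha256(data).hexdigest()
        (repo / "blobs" / digest).write_bytes(data)  # older versions stay untouched
        manifest[f.relative_to(src).as_posix()] = digest
    snap_id = f"{len(list(repo.glob('snap-*.json'))):04d}"
    (repo / f"snap-{snap_id}.json").write_text(json.dumps(manifest))
    return snap_id

def restore(repo: Path, snap_id: str, dst: Path) -> None:
    """Rebuild the tree exactly as it was when snapshot snap_id was taken."""
    manifest = json.loads((repo / f"snap-{snap_id}.json").read_text())
    for rel, digest in manifest.items():
        out = dst / rel
        out.parent.mkdir(parents=True, exist_ok=True)
        out.write_bytes((repo / "blobs" / digest).read_bytes())

def demo() -> dict:
    with tempfile.TemporaryDirectory() as tmp:
        work, cloud, repo, out = (Path(tmp) / n for n in ("work", "cloud", "repo", "out"))
        work.mkdir()
        (work / "report.txt").write_text("Q3 balance sheet")  # constructed sample files
        (work / "notes.txt").write_text("draft")
        mirror_sync(work, cloud)
        clean = snapshot(work, repo)
        (work / "report.txt").write_bytes(b"\x00" * 16)  # simulated damage: overwritten
        (work / "notes.txt").unlink()                    # simulated damage: deleted
        mirror_sync(work, cloud)   # the damage propagates to the synced copy
        snapshot(work, repo)       # a later snapshot does not destroy the earlier one
        restore(repo, clean, out)
        return {"cloud_report": (cloud / "report.txt").read_bytes(),
                "cloud_has_notes": (cloud / "notes.txt").exists(),
                "restored_report": (out / "report.txt").read_text(),
                "restored_notes": (out / "notes.txt").read_text()}
if __name__ == "__main__":
    print(demo())
```

After the simulated damage, the mirrored copy holds only the overwritten file, while the first snapshot still restores both originals.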
Other actions for safer OneDrive use
Above all, at the organizational level, even the smallest details must be taken care of to prevent exposure and data leaks. Security management of the devices used for work, especially computers, is very important. As an IT professional, you must ensure that all devices located both inside and outside the office have essential protection mechanisms. We are talking about firewalls, antivirus and antimalware, and session restarts after a certain amount of inactivity.
On the other hand, if you have an office return plan in place, you must ensure that the devices maintain compliance standards. It is important not to forget that when an organization hands over a computer for working from home, this involves great risk. We are not talking about the risk of it being stolen, damaged or lost. Working from home does not come with an internal network created and configured to all security standards, as an office does. The risks are multiple and you have to be sufficiently protected.
On the subject of security when connecting, staff must be educated so that they do not connect to insecure networks. In addition, the importance of not opening links that appear to be of suspicious origin must be emphasized. Even if a link appears to come from a reliable source, when in doubt you should contact someone from the organization to report it. A few seconds are enough for all your data to end up in the hands of cybercriminals.
Although all these actions involve, in principle, an extra effort, we should not leave them aside. The large sums of money lost due to cyberattacks and data breach events easily exceed millions of euros. There is no doubt that the damage is great. So all of us, each from our own position, must apply good practices in managing our data.