One Drive Logo

Ask @WinObs: How secure are my OneDrive files?

Windows Live Folders, Windows Live SkyDrive, SkyDrive, and OneDrive.

Microsoft's cloud based file sharing and syncing service, now known as OneDrive, has been through a few iterations throughout its 10 year history.

These days it is available to anyone with a Microsoft Account and typically provides 5GB of cloud based storage unless of course you have an Office 365 subscription or might have been grandfathered as storage allowances changed over the past few years.

I was recently asked just how secure are the files which users store in OneDrive and I can answer this questions from a couple of perspectives.

First let's talk about the physical security of your files on OneDrive.

To answer this part let me quote something from Microsoft about access to their data centers where your OneDrive files reside in the cloud:

"Microsoft’s datacenter personnel must pass a background check. All access to our datacenters is strictly regulated and every entry and exit are monitored. Within these datacenters, the critical Azure AD services that store customer data are located in special locked racks—their physical access is highly restricted and camera-monitored 24 hours a day. Furthermore, if one of these servers is decommissioned, all disks are logically and physically destroyed to avoid data leakage."

So that covers your data in the cloud but the other physical location for your OneDrive files is your own device(s).

Of course, you control the physical security of that hardware so obviously you want to protect the device from theft by not leaving it in your car or opened and unattended in your local coffee shop. You also want to be using a good password along with your Microsoft Account to help prevent unauthorized local access to your files. If you are running Windows 10 and your device supports it, you can also use Windows Hello for biometric authentication to help protect your account even further by logging in with your fingerprint or facial recognition.

If your devices hard drive can be encrypted using something like BitLocker in Windows 10 Pro, which is also available on Windows 8 Pro by the way, then you can use that and prevent forced access. This will keep your data protected from someone who might remove the drive and try to access the files directly from the disk. Note: For those of you on Windows 10 Home or earlier supported versions of Windows you can find several commercial options to encrypt your hard drive.

There are also methods for you to share content from your OneDrive cloud storage but that is in your control and requires access to your Microsoft Account. I refer to my earlier comments about physical access to your actual devices to control unauthorized sharing of your content. By default, every file/folder you store in OneDrive is marked private by default.

If you share a file/folder by sending a link to someone be aware that could feasinly share that same link with someone else and then they would also have access to your files/folders.

As an alternative you can invite others to access your OneDrive files by a specific invite that only they can use. This is one additional level of security for your files if you are concerned about shared links getting out in the wild.

One last area that I will cover when it comes to the security of your OneDrive files is related to privacy and the OneDrive service. Microsoft has an extensive privacy policy relating to their services and you can learn there how they approach the privacy and security of your personal information that is part of OneDrive.

So the biggest element of protection for the security of your OneDrive files is the physical security of your hardware and having a robust password for your Microsoft Account along with Two-Factor Authentication turned on.

By following these guidelines your data should remain safe and protected.
----------
Editor's note: We are featuring a past Q&A from Richard Hay. “Ask @Winobs” is available exclusively to paid subscribers of the Windows Secrets newsletter. What you see here is just a small sampling of what Hay’s's writing for the newsletter — go here for more information on how to subscribe.

Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish