While OneDrive could seem sort of a secure cloud storage solution for companies looking to use Microsoft’s suite of business tools, many glaring security issues can expose sensitive data and personally identifiable information (PII) if proper protection protocols are ignored. Data theft, data loss, ransomware, and compliance violations are just a couple of things that organizations got to await as their employees increasingly believe this application to save lots of more and more documents to the cloud.
While OneDrive does provide cloud storage, it doesn’t have cloud backup functionality, a critical distinction that has got to be made when choosing which information to upload and share. the info is accessible, but not protected. How can businesses ensure they’re mitigating security risks, while also enabling employee access? Below we’ll discuss a number of the foremost significant security gaps related to OneDrive and highlight the steps organizations can fancy better protect their data.
One area that always breeds confusion for OneDrive users is who can access company files once they’re uploaded within the cloud. for workers saving documents on their personal accounts, all the files created or added outside of a “Shared with Me” folder are private until the user decides otherwise. At now, files are encrypted for anyone but the creator and Microsoft personnel with administrative rights. for somebody else to ascertain your data, you’ve got to share the folder or a separate file.
The same rule holds for files shared on an OneDrive for Business account, with one exception: a policy set by an administrator determines the visibility of the info you create within the “Shared” folder.
Are sensitive documents safe in OneDrive?
For purposes of this text, sensitive documents ask materials that contain either personally identifiable information (PII), personal health information (PHI), financial information, or data covered under FISMA and GLBA compliance requirements. As we established above, these sorts of documents are often saved one among two ways – by a private under a private OneDrive account or uploaded under a Business account. albeit your business doesn’t subscribe to an OneDrive business account, organizations should remember that employees could also be emailing themselves documents or sharing them to their personal OneDrive folders for straightforward access, especially over the past several months with most employees performing from home.
For personal users, OneDrive features a feature called Personal Vault (PV). How secure is that the OneDrive Personal Vault? it’s a secure located in your Files folder explicitly designed for sensitive information.
When using PV, your files are encrypted until your identity is verified. it’s several different verification methods that users can found out, whether it’s a fingerprint, a face ID, or a one-time code sent via email or SMS. The PV folder also has an idle-time screensaver that locks if you’re inactive for 3 minutes on the mobile app, and 20 minutes on the online. To regain access, you would like to verify yourself again.
Interestingly, the PV function isn’t available within the OneDrive for Business package. Therefore, if your organization has no other thanks to storing sensitive data than on OneDrive, additional security measures must be taken.
OneDrive isn’t a backup solution
OneDrive isn’t a backup tool. OneDrive provides cloud storage, and there’s a huge difference between cloud backup and cloud storage. they need a couple of things in common, like storing your files on remote hardware. But it’s not enough to form them interchangeably.
In short, cloud storage may be a place within the cloud where you upload (manually or automatically) and keep all of your files. Cloud storage allows you to succeed in files from any device at any time, making it a beautiful option for workers on the go and people that employees from different locations. It also allows you to manually restore files from storage just in case of unwanted deletion and scale storage for your needs. While “restoring files” sounds eerily almost like backup protection, it’s some fundamental faults. for instance, if you mistakenly delete an enter storage, or it had been hit by ransomware and encrypted, you’ll consider the file lost. This makes OneDrive storage alone a weak solution for businesses. If disaster strikes and knowledge is compromised, the organization will haven’t any thanks to restoring high volumes of knowledge.
Cloud backup, on the opposite hand, maybe a service that uses cloud storage to save lots of files, but its functionality doesn’t end there. Cloud backup services automatically copy your data to the cargo area and restore your data relatively quickly after a disaster. you’ll also restore multiple versions of a backed-up file, look for specific files, and it protects data from most of the widespread threats, including accidental deletion, brute-force attacks, and ransomware.
In summary: cloud storage provides access, cloud backup provides protection.
What are the foremost common OneDrive risks?
All the safety issues tied with using OneDrive are common for many cloud storage services. Both individual OneDrive and OneDrive for Business have multiple risks, including data theft, data loss, corrupted data, and therefore the inadvertent sharing of critical information. Given the convenience of access to documents in OneDrive, compliance violations also are a top concern for organizations that affect sensitive data.
How are you able to maximize OneDrive security?
To minimize the above security issues, organizations got to follow a group of strict protocols, including:
1. Device security protocols – Several general security protocols should be implemented with devices using OneDrive. a number of the foremost basic include mandatory downloading of antivirus software and ensuring it’s current on all employee devices. Other steps include employing a firewall, which can block all questionable inbound traffic, and activating idle-time screensaver passwords. As employees return from remote work locations and convey their devices back on-premise, it’s crucial to make sure all devices have updated security and meet the newest compliance requirements.
2. Network security protocols – additionally to using protected devices, employees should be especially cautious when connecting to any unsecured networks. Before connecting to a hotspot, instruct employees to form sure the connection is encrypted and never open OneDrive if the link is unfamiliar. Turning off the functionality that permits your computer to attach to in-range networks automatically is one easy thanks to adding a layer of protection.
3. Protocols for secure sharing – confirm to terminate OneDrive for Business access for any users who are not any longer with the corporate. Having an employee offboarding process that has this step lessens the danger of a former employee stealing documents or information. confirm to permit access to only invited viewers on OneDrive. If you share a file or folder with “Everyone” or enable access with the link, it exposes new risks as anyone on the web can find and access your document. It’s also helpful to possess outlined rules for downloading and sharing documents inside, and out of doors, the corporation.
4. Secure sensitive data – Avoid storing any payment data in any Office 365 products. For other confidential documents, individual users can use PV. Organizations can store sensitive data only by employing a secure on-premises or encrypted third-party cloud backup service that’s compliant with data regulations mandatory for your organization.
5. Use a cloud backup solution – To best protect your company from all sides, it’s essential to use a cloud backup solution when saving valuable information to OneDrive. confirm any backup solution you select has cloud-to-cloud capabilities with automatic daily backup. additionally, a ransomware protection service that scans OneDrive and other Office 365 services for ransomware and automatically blocks attacks is your best defense against costly takeovers.
Whether it’s preparing for upcoming mandatory regulations or handling the sudden management of employees working offsite, the safety landscape is ever-changing. maintaining with the newest methods to stay your company both protected and compliant may be a challenge that needs constant attention. With a couple of critical steps and therefore the utilization of the latest technology, business users can protect themselves and lessen the danger to their data.
source: help net security