Resources

OneDrive Security: An Overview

With more than 250 million users and counting, Microsoft’s OneDrive is a rapidly growing enterprise file sync-and-share (EFSS) solution that’s quickly being snatched up by businesses as part of Office 365. But as with all cloud solutions, we have to ask the questions about OneDrive security: Is OneDrive security good enough on its own? And maybe more importantly, what can you do yourself to enhance OneDrive security in order to ensure that your sensitive files are as secure as possible?

What does OneDrive security provide by default?

Like most of the file sync-and-share providers, OneDrive security includes some encryption measures by default. For example, files in all OneDrive accounts are encrypted in transit using SSL, but only OneDrive for Business also provides encryption at rest (meaning that files stored on personal OneDrive accounts are pretty vulnerable). OneDrive for Business also offers per-file encryption, which gives each file its own encryption key—that way, if a key is breached and the encryption is compromised, malicious actors only have access to individual files, rather than the whole store. Finally, all OneDrive accounts come with the option of two-factor authentication, which makes it more difficult to hack into accounts.

Is OneDrive security good enough?

OneDrive security is adequate in the way other cloud sync-and-share solutions are. Storing files on at-rest servers is all well and good, but the trouble comes in when team members begin syncing files to mobile devices, sharing widely, and creating too much data to track.

Unfortunately, user mistakes are one of the biggest obstacles to making the most of OneDrive security. If an employee shares a confidential file with an unauthorized team member, emails the wrong attachment to a client, or leaves his smartphone—with hundreds of sensitive client files synced on it—in a cab, OneDrive security isn’t going to be much help in protecting those files and ensuring that they don’t fall into the wrong hands. User error is one of the major contributing factors to data breaches on any platform, and OneDrive is no exception.

With so much data proliferating on the cloud, it’s also difficult for team admins to maintain strong visibility across all accounts. It’s hard to know who’s sharing files externally and who isn’t, hard to know which users are accessing which files, and hard to know exactly which files contain sensitive data. In other words, are employees adequately protecting all files containing client Social Security numbers? Without deploying additional security measures, administrators may never really know.

Moreover, OneDrive comes with a feature that automatically syncs Outlook attachments to the cloud. While this can be convenient in some ways, it becomes an obstacle to ensuring OneDrive security. Employees may not be aware that their attachments are being stored in the cloud, and as a result may not know what’s being shared externally.

How can I enhance OneDrive security with Sookasa?

By deploying Sookasa’s CASB platform, you can enhance your team’s OneDrive security to ensure that corporate data and confidential client information stay secure at all times, data loss is easily detected, and user error is mitigated.

Sookasa for OneDrive provides team administrators with a unified Dashboard that acts as a one-stop shop for security. The Sookasa Dashboard lets admins easily see what emails and files are being shared externally, who is sharing files with whom, and which users are accessing which files. Sookasa’s Dashboard also allows administrators to control and mitigate data loss with transparent encryption. This way, the proliferation of data becomes manageable and unauthorized access can be easily detected and stopped before it’s too late.

Sookasa’s patented encryption solution also deploys file-level encryption for files at rest on servers and when synced to mobile devices. This means that files encrypted with Sookasa will be unreadable to anyone but the intended users—making the loss of a device or the inadvertent attachment a lot more manageable.

Sookasa also boosts OneDrive security by enabling audits, scanning files for customizable keywords, and enforcing security policies. Though Sookasa can’t get rid of the inevitable user mistakes, it can help mitigate them. By allowing administrators to quickly and easily revoke access to OneDrive files, devices, and users, it increases the effectiveness of OneDrive security protocols. Moreover, by allowing easy access to monitoring files, administrators can better educate their employees on the risks of file-sharing and the easy solutions that can help.

So what’s the bottom line on OneDrive security?

Like all cloud providers, OneDrive comes with some security, but not enough to guarantee the safety of sensitive data in an era when the cloud makes information practically unmanageable. Luckily, solutions like Sookasa work together with OneDrive security measures to protect your files, mitigate employee errors, and keep your company’s and clients’ information secure.