OneDrive has little security features, but enough to protect files on the cloud for average users. If you have sensitive information that you store to the cloud, you must take some measures for securing OneDrive files in the event of a data breach. This article talks about the options to secure files on OneDrive and whether encryption is feasible.
Encrypt & secure OneDrive files
Without anything on your part, the default methods of security of files on OneDrive are as follows:
- Password Protection
- Sharing Choices
- Encryption during Sync
Password protection is nothing except for the usual login process. You can add another layer of security to the process by enabling two-step authentication for OneDrive. Once you enable the two step authentication for Hotmail or Outlook, it is applied to your entire Microsoft account and you will have to go through it to use any of the Microsoft services, including XBox, etc. For apps that require offsite authentication (for example, fetching emails on desktop Microsoft Outlook), you have to create a key that you can use with such apps.
Sharing choices are the default permissions that you exercise to share files with different people. You have three options: Only Me, People with a Link, and Public. Files having “Public” as sharing option can be viewed by anyone. Files shared using a link may be accessed by people having link to that file. No password is required. “Only Me” is self-explanatory: no one except you can view files uploaded. By default, the sharing options are set to “Only Me” for files in folders other than Shared Documents and Photos.
Note that if you upload a file via smartphone OneDrive app, there is no guarantee that the default option would be “Only Me” as I have come across statements where people said such files are “shared with friends”. It is better to check the sharing options carefully from a tablet or even the smartphone after uploading the file. If you are uploading a file to a folder that has setting of “Public”, its content will acquire the sharing setting and may be visible to anyone stumbling upon the file. Hence, I reiterate that check the share settings after you upload the file(s).
OneDrive says that its apps use 256 bit encryption when syncing files. That is, if you are uploading a file to OneDrive, a secure connection is established. However, there is no encryption after the files are uploaded and it has a reason. We’ll come to it when studying feasibility of encryption on OneDrive later in this article.
Encrypting OneDrive files for security
There are many third-party programs available to encrypt entire hard drives or on a file to file basis. The Windows Club has a list of some of the best free file encryption software. You can use these programs to encrypt the entire OneDrive folders on your local computer, so that when they are uploaded, they are encrypted – or you can encrypt only the ones containing sensitive information. You may also use Windows default BitLocker or NTFS encryption to encrypt the files.
Feasibility of File Encryption on OneDrive
But is this kind of encryption really feasible?
In my opinion, if you are uploading files to OneDrive for your own use, encryption will give you an edge – though it may slow down process of opening and saving files as it has to de-crypt them before opening. But if you intend to share it with others, is it still feasible? Check out the next section.
As said earlier, if you are using OneDrive as a remote storage for yourself only, encryption is ok. But if you are to use OneDrive for collaboration, it will be hard for others to find a program that is able to decrypt the files properly. Suppose you encrypt a folder with TrueCrypt before uploading it. Others can also install TrueCrypt as it is free. But will it really help them in collaborating?
The process of decrypting the files is also tough and takes too long. And it is not necessary that the other party can decrypt it always. As far as I know, encryption key is not stored with the file information. If that doesn’t happen, how is the other party going to decrypt the file for collaborating or anything?
In such cases, the whole purpose of OneDrive is defeated because though you can share the files, you cannot have the other person access them easily or maybe, the other person may not be able to access it at all.
Hence files on OneDrive are not encrypted by the company. If you encrypt them, do it for your own usage. If you wish to use OneDrive for collaboration and real time file sharing, encryption will be a hurdle big enough for others to give up.
These are my own views. I do not know if there is any solution available for sharing encrypted file along with the encryption key or how easy it would be. If you have thoughts on this, please do share.