Many organizations think that Microsoft OneDrive, an electronic file sync and share (EFSS) tool, provides “good enough” backup and restore capabilities for their enterprise data. But it’s a risky misconception. OneDrive is purpose-built for EFSS, just as third-party data protection solutions are purpose-built, from the ground up, to reliably protect all the data on a user’s endpoint device.
Employee turnover and insider threats
A departing colleague, wanting to be responsible, may “clean their desk” by bulk-deleting what they think of as voluminous old and unnecessary files. Another employee or rogue admin, this one quite angry, may maliciously bulk-delete whatever important files they can access. Due to OneDrive’s inherent collaboration features, both have access to primary (their own files) and secondary (OneDrive-Shared drive) data.
If the data protection solution includes anomaly detection, it can alert IT to an insider attack and pinpoint when it occurred, speeding the restore process.
Device loss, theft, and corruption
Users misplace endpoints regularly, and laptop and smartphone theft is rampant. The cost of the endpoint is one thing. The cost of losing locally stored data, the hours and days of productivity that went into it, is probably much more. But the cost of a data breach can be astronomical.
You can’t recover the data with OneDrive, and you can’t remotely wipe or encrypt the data. Likewise, if a device is damaged or severely corrupted, IT needs to quickly provide the user with a replacement that’s up-and-running with the same systems, applications, and content. Even for any data stored on OneDrive, it doesn’t support IT-led bulk-recovery — the end-user has to find and replace content file by file.
Accidental loss of intellectual property
The upside to OneDrive file sharing is the ease of collaboration. The downside is the ease of overwriting or deleting someone else’s work. If changes aren’t discovered within the OneDrive retention window, data may be lost forever. Another vulnerability is OneDrive’s use of designated folders. Endpoint system files, applications, persona settings, and other data located outside the OneDrive folder simply isn’t backed up. OneDrive files are also subject to size and pathname limitations — large presentations and media files may be unprotected.
Vulnerability to ransomware
Given the enormous number of attacks from ransom and other malware, some will eventually succeed. If enterprises can restore pristine backups, no ransom needs to be paid, but the loss of productivity can be significant. Whatever time it takes to find uninfected file versions and restore them — typically a business continuity SLA — costs both IT and the end-user. If there are no pristine versions because of data retention limitations or because files are outside OneDrive folders, data may be lost forever.
Legal hold, eDiscovery, and regulatory compliance
The most expensive Office365 editions and Microsoft add-ons offer some legal hold and eDiscovery features. However, OneDrive alone does not and any Office365 solution requires saving files in specific OneDrive folders. For departing employees’ data that is often critically important for legal hold and compliance analysis, OneDrive provides no support once an employee’s account is deleted.
Download this eBook to learn how to:
- Prepare for departing employees and prevent insider threats.
- Safeguard data from device loss, theft, and corruption.
- Recover accidentally lost intellectual property.
- Prevent ransomware attacks.