Security in Microsoft OneDrive

The choice of cloud services is constantly growing, with providers such as Dropbox, Google Drive and iCloud competing for customers. As part of a Microsoft account, Microsoft also offers its own cloud storage called OneDrive. In this article, we'll take a closer look at OneDrive's security and privacy.

Introducing OneDrive

OneDrive is a cloud storage service offered by Microsoft that is often used in conjunction with Microsoft Office 365. Users can use it to create documents and share them with others, regardless of location and time, including via mobile devices. Originally launched as Windows Live Folders (formerly FolderShare) in 2007, the service was renamed OneDrive in 2014. Companies often use OneDrive as part of Office 365 to create a seamless connection between cloud storage and local file creation, making it easier to collaborate on files.

Security in Microsoft OneDrive

The possibilities for collaboration are many, but what about security, especially when it comes to personal data? Companies must ensure they comply with GDPR requirements to avoid data breaches. A central point is the security of the OneDrive cloud storage.
At this point, Microsoft OneDrive shows some security flaws that endanger confidentiality. In comparison, Scramble Cloud offers a secure alternative.

A fundamental risk is that with OneDrive only data transmission is encrypted using Transport Layer Security (TLS). The data is stored unencrypted on Microsoft's servers, which theoretically gives Microsoft the ability to access the data at any time. This poses security risks. In contrast, Scramble Cloud offers complete end-to-end encryption, which means that we as operators have no access to the stored data.

Criticism of Microsoft by data protection advocates

Microsoft hat in der Vergangenheit Kritik von Datenschützern erhalten, da die verschiedenen Verschlüsselungsverfahren oft einen Zugriff von Dritten nicht ausschließen. Eine vollständige Ende-zu-Ende Verschlüsselung wie bei Scramble Cloud bietet dagegen einen verlässlichen Schutz gegen eine Vielzahl von Angriffen.

OneDrive location in the US

Storing sensitive data on servers in the US poses various risks and concerns. A main reason for this is the lack of strict data protection laws compared to other countries such as the EU. In the US, government authorities can access data without having to inform the data subjects. This may result in a loss of privacy and an increased risk of misuse of personal information. Additionally, U.S. companies may be forced by national security laws to share data with government agencies, jeopardizing the confidentiality of sensitive data.

Compliance

Companies' use of OneDrive to store sensitive corporate data in the US can raise compliance issues. The United States does not have the same strict data protection laws as many other countries, which is why companies using OneDrive may have difficulty meeting the requirements of various data protection regulations. In particular, companies based in the European Union must ensure that they comply with the provisions of the General Data Protection Regulation (GDPR) when it comes to storing and processing personal data. Because OneDrive data is stored in the US, it is not subject to the same data protection standards as in the EU. This can result in significant legal and financial risks, including fines and reputational damage, if data breaches occur. Many cloud storage providers have a history of security vulnerabilities that allowed unauthorized individuals to access sensitive data. Consistent encryption of data in the cloud, where users retain control over the keys and storage locations, is the only effective protection against this.
For this reason, it is important for companies using OneDrive to carefully review compliance requirements and consider alternative solutions, such as Scramble Cloud, to ensure the security and integrity of sensitive company data.

Scramble Cloud and Microsoft Office 365

Scramble Cloud offers an easy way to share files securely and integrates with Microsoft Office. The encrypted storage of the data on German servers offers additional security. The advantages of the Scramble Cloud at a glance:

• Zero-knowledge technology
• GDPR-compliant data protection
• Trust and reliability
• Security made in Germany
• Seamless integration into your Office 365 environment
• Save files securely and easily directly 
  within Microsoft Teams
• 24/7 protected with Scramble
• Protect your files with user rights in the form of 
  read and write authorizations
• Secure file sharing directly within 
  Microsoft Teams
• Create unique groups to create a protected environment in the Scramble Cloud where shared files can be shared securely
• Unique process for securely sharing passwords and secrets
• Automatic storage of all files uploaded to Teams via the Scramble Cloud
• No more tedious searching for files
• Your files always available from anywhere
• No restrictions on file size
• Efficient sharing of sensitive information via Outlook
• End-to-end encrypted file exchange