I have received multiple prompts to use OneDrive to back up my data and protect it in the case of ransomware. However, it does not seem to me that OneDrive would be effective against ransomware. If I were subject to a ransomware attack and the ransomware began to encrypt the files on my hard drive, wouldn't the backup files that are sitting remotely in OneDrive also become encrypted since OneDrive syncs with my local laptop? In other words, what good is having an offsite backup if that backup is syncing to my files such that the encryption on my local system would then be replicated on the remote system?
In addition, I sense that using one drive introduces an other vulnerability. Don't employees of Microsoft who administer the OneDrive servers have access to the data of all of the one drive users who are storing their data remotely? Is there anything that would stop such an employee from exploiting such sensitive information?
Finally isn't it possible that a cyber thief could steal the data as it's being transmitted between a local hard drive and the remote OneDrive server, intercepting such data and then exploiting it?
How safe is OneDrive?
-
- GoldLounger
- Posts: 2640
- Joined: 26 Jan 2010, 16:31
- Location: Southern California
Re: How safe is OneDrive?
JMT,
Here is a Microsoft post addressing OneDrive security and safeguarding your data.
I don't use OneDrive so I don't have answers to your questions.
Here is a Microsoft post addressing OneDrive security and safeguarding your data.
I don't use OneDrive so I don't have answers to your questions.
Regards,
John
John
-
- Microsoft MVP
- Posts: 1347
- Joined: 24 May 2013, 15:33
- Location: Warminster, PA
Re: How safe is OneDrive?
JMT, your first concern is probably partially correct -- I believe the current OneDrive copies of the synced files would be corrupted very quickly after a ransomware attack. However, OneDrive does automatically save previous versions of files as they're updated, so I think you would be able to recover uncorrupted copies. It probably wouldn't be a simple operation, though; you might have to download the older files one by one.
My preferred backup method involves a weekly scheduled image backup with Macrium Reflect, onto an external drive that is connected to the computer only during each backup (and the few times I need to retrieve a file from an image). The rest of the time, the external drive is unpowered and its USB cable disconnected. Between image backups, I do a nightly backup of critical data to a USB thumb drive that's usually in my pocket.
I don't worry about Microsoft employees grabbing data from OneDrive accounts, or cyber thieves stealing data during transmissions, for two reasons. First, OneDrive (and most other cloud backup software) uses encryption both for "data in motion" and for "data at rest" -- that is, during transmission and during storage. Company employees don't have access to the encryption keys. Second, the cyber thieves would have to have some way to know what part of what data stream to intercept and how to decrypt it; the likelihood of that is vanishingly small. If that still bothers you, subscribe to a VPN that will add further end-to-end encryption to your data.
My preferred backup method involves a weekly scheduled image backup with Macrium Reflect, onto an external drive that is connected to the computer only during each backup (and the few times I need to retrieve a file from an image). The rest of the time, the external drive is unpowered and its USB cable disconnected. Between image backups, I do a nightly backup of critical data to a USB thumb drive that's usually in my pocket.
I don't worry about Microsoft employees grabbing data from OneDrive accounts, or cyber thieves stealing data during transmissions, for two reasons. First, OneDrive (and most other cloud backup software) uses encryption both for "data in motion" and for "data at rest" -- that is, during transmission and during storage. Company employees don't have access to the encryption keys. Second, the cyber thieves would have to have some way to know what part of what data stream to intercept and how to decrypt it; the likelihood of that is vanishingly small. If that still bothers you, subscribe to a VPN that will add further end-to-end encryption to your data.
-
- 4StarLounger
- Posts: 571
- Joined: 30 Oct 2010, 02:12
- Location: England UK
Re: How safe is OneDrive?
I back up my OneDrive folder to an external HDD. If I can't protect my own data why trust others to do so?
If it wasn't for bad luck I'd have NO luck at all.
Windows 11 Home 24H2 Laptop
-
- Administrator
- Posts: 79669
- Joined: 16 Jan 2010, 00:14
- Status: Microsoft MVP
- Location: Wageningen, The Netherlands
Re: How safe is OneDrive?
The advantage of backup in the cloud is that you can access it from anywhere. If your house burns down, you'll probably lose both your computer(s) and the backup disks.
Best wishes,
Hans
Hans
-
- 4StarLounger
- Posts: 571
- Joined: 30 Oct 2010, 02:12
- Location: England UK
Re: How safe is OneDrive?
You could take the backup hdd with you! + make another copy and leave at a relatives home suitable secured.
If it wasn't for bad luck I'd have NO luck at all.
Windows 11 Home 24H2 Laptop
-
- Administrator
- Posts: 79669
- Joined: 16 Jan 2010, 00:14
- Status: Microsoft MVP
- Location: Wageningen, The Netherlands
-
- 5StarLounger
- Posts: 1157
- Joined: 21 Jan 2011, 16:51
- Location: Florida
Re: How safe is OneDrive?
I'm finding OneDrive much more convenient to keep files synced between multiple computers than the WiFi home network.
The home network has proven very finicky with the multiple versions of Windows in use, and since I now have a MS 365 subscription, the 1TB will handle most of the data I want backed up and shared.
The home network has proven very finicky with the multiple versions of Windows in use, and since I now have a MS 365 subscription, the 1TB will handle most of the data I want backed up and shared.
PJ in (usually sunny) FL