It’s common for us to speak to an IT team that’s hung up on OneDrive usage and it’s security features. IT teams tend to steer clear of speaking too much about OneDrive to their end users after an Office 365 migration, because instead of working on things based on group permissions as one would in SharePoint, an IT staff member would technically have to log in as the end user to have access to a user’s data. This makes it rather difficult for an IT team to feel in any way in control of OneDrive and the way their end users use the tool. However, we happen to believe it’s best for an IT team to fully embrace OneDrive and properly communicate to end users when and how the application should be used. In this article, we will discuss the difference of Office 365 SharePoint and OneDrive, dig into an overview of OneDrive security, and share our philosophy of why we believe your end users should use it!
SharePoint vs. OneDrive
Our philosophy is that there is a place for OneDrive in any organization just as there is a place for SharePoint. In order to establish this placement, you’ll need to know the main differences between the two. Just as in SharePoint Online, you can utilize Office Online in OneDrive as well to edit and share amongst team members, when collaborating on a working document. However, OneDrive is more user-centric with little configuration options and administrative control, which makes SharePoint the best document repository solution as it’s much more configurable and controlled by administrators. This is exactly why we tell our clients that it’s important for them to communicate to their end users that OneDrive is not for business critical information and should be used specifically for personal, working documents.
In addition, SharePoint also does quite a few things that OneDrive doesn’t. For example, dashboards and sites are available in SharePoint as well as workflows, lists, and calendars. Along with these additions comes invested time upfront for admin development and customization that may require outside work and possible requirements to purchase and maintain servers, depending on what you decide to use SharePoint for. With some footwork, however, SharePoint can do just about anything you want it to do, which makes it the more robust platform.
At the end of the day, if you want to provide your end users with personal document storage and your don’t have a tremendous amount of compliance guidelines you have to meet, OneDrive provides a very simple and intuitive interface, which may meet your most basic storage requirements needs or at least have a place in your organization.
An Overview of OneDrive Security
This is usually where the worry comes into place for an IT team, when they haven’t yet been provided with the details of OneDrive security. However, rest assured that the Office 365 security features that you trust play their part in OneDrive as well, meaning encryption in available for OneDrive business users. In addition, OneDrive has remained free of becoming a name in serious breach headlines and Microsoft has also recently put into place per-file encryption which encrypts files individually each with a unique key in OneDrive, so if for some reason one key was compromised, the attacker would only have access to that one individual file rather than all of the user’s OneDrive data. Finally, each of your OneDrive users will also have access to two-step verification, which administrators should make sure they take advantage of.
The main OneDrive security concern you should communicate to your end users is how user-error may compromise your network. Because files aren’t shared with others unless your users choose to or save them in a public folder, user-error is the only way a breach could take place. For example, if a user shares a confidential file with an unauthorized person, emails the wrong file to a client, or loses his/her smart phone, OneDrive can do nothing to help in protecting those files. However, user-error is a pitfall for any platform, not just OneDrive.
Why & How Your End Users Should Be Using OneDrive
If an organization approaches OneDrive and SharePoint usage with differences in mind, and OneDrive is voiced as acceptable for users to take advantage of, companies should have no reason to be worried about security if they train their users properly on how and when to use the separate platforms.
If you have business processes and workflows in place for specific document repository instances, document and share these with your users. These instances are much difference that an end user having access to a personal storage area in the cloud. A huge positive of your end users having access to their OneDrive storage space is that if you get them into utilizing good habits by properly training them, they won’t tend to maintain local files on their machines. This will decrease the opportunities of losing working data in the event that a machine is lost, crashes, or is otherwise compromised in any way. In addition, if they forget their device in the office when they need it at home or vice versa, they will have access to working documents online on any other device.
It’s important to embrace OneDrive usage and to focus on user behavior and training. Provide your users with detailed documentation on OneDrive features, how they should use it, and when they should otherwise be using SharePoint. Of course there are differences between the two platforms, but with proper Office 365 training, you’ll be comfortable with how your end users are taking advantage of OneDrive.
As you can see training is what will make all the difference in how your IT and management teams feel about OneDrive security. And the best way for your users to learn the software they should be taking advantage of in Office 365, including OneDrive and SharePoint is for them to learn on the go. Download our free end-user training whitepaper to learn more about how just-in-time end user training will make your administrators more comfortable with OneDrive and Office 365 usage.