Stay up to date with specialized private investigation insights.
Dream Firms Talks 03/2023
Topic: Basics / OneDrive Security
- 12 Character Minimum for all passwords.
- Anything 8 characters or less is vulnerable to immediate brute force attacks.
- Complexity – Must include:
- Upper Case Characters (ASDF…)
- Lower Case Characters (asdf…)
- Numbers (1234…)
- Symbols (!#$%…)
- Last Changed – Change at least Twice a Year best practice
- Businesses should use Premium Business versions of Anti-Malware software.
- Premium Version on every work system
- BitDefender or Malwarebytes are both good options
- Make sure it is updated regularly.
- Don’t use Gmail as your business email. Businesses should have their own domain.
- Employee training is a very important part of your Cyber Security plan. Training frequency should be at least twice a year.
- Monitor your internal networks and systems for alerts and changes.
What is OneDrive?
- OneDrive is a cloud-based file sharing platform that allows users to securely store and share data.
- In 2022, more than 60% of all corporate data is stored in the cloud. Microsoft OneDrive is one of the most popular cloud storage platforms.
- OneDrive offers some protection features for personal and enterprise users. These features help reduce the risk of cyberthreats, minimize data loss and give you optimal control over your files.
- Weak Credential Management
- Weak and/or Re-Used Passwords
- If you’d like more information, our last presentation covered Password Management. We’ll paste the link to our Blog where you can read the transcripts from each CyberFriday Talk.
- Lack of Access Controls
- Shared files left open to edit by all.
- No individual folder security – all users can access all files.
- No Off-Boarding procedure to revoke rights when employees leave.
- Weak and/or Re-Used Passwords
- Outdated Operating System and Applications
- Unsecured use through Public WIFI
- Should have a policy against using Public WIFI on any device that connects to the corporate network.
- Credential Management
- Use Strong Passwords
- Use 2FA – 2 Factor Authentication
- Set up Access Permissions and Privileges
- Assign specific permissions for different users and monitor access logs
- Limit access to confidential data by granting only the necessary permissions for specific roles.
- Avoid storing passwords, payment data and other critical files on OneDrive, especially in shared folders.
- Administrators should use regular accounts when sending emails, editing documents or sharing files on OneDrive rather than their admin accounts.
- Use a HotSpot when traveling
- Use a VPN if you must use public WIFI.
- Install a third-party backup solution
- The built-in OneDrive security tools do not provide comprehensive protection and do not guarantee recoverability.
- OneDrive is a file sharing platform and should not be your only backup solution. We strongly recommend adding a reliable off-site backup solution.
- Install security patches and updates
- Helps avoid security gaps and software vulnerabilities.
- OneDrive includes both Threat Monitoring and Breach Prevention features
- Ransomware detection
- OneDrive alerts Microsoft 365 subscribers when a ransomware or malicious attack is detected.
- Suspicious activity monitoring
- Suspicious sign-in attempts are blocked and you receive a notification in case an unusual activity is detected on your account.
- OneDrive encryption – At Rest and In Transit
- Disk-level encryption is used at rest and each file is encrypted using a unique AES256 key.
- Transport layer security (TLS) encryption protects network communications between users and data centers. TLS requires HTTPS connections.
- Access control
- Files and folders can be shared with specific users and you can define the role of each user.
- Password-protected files can keep your files secured by requiring a password to access them.
- Expiring links allow you to set an expiration date on the links you share with other users.
- Data recovery and durability
- OneDrive provides built-in tools that help you recover data in case it is lost.
- Data is mirrored into at least two different Azure regions, which are at least several hundred miles away from each other.
- Version history – You can restore a previous version of a file if you happen to delete it or write unwanted changes to it.
- Ransomware recovery – OneDrive for Business allows you to recover individual files or restore your entire OneDrive for up to 30 days following a ransomware attack.
- These features are DO NOT guarantee data recovery or data availability, which is why we strongly recommend researching and using a third-party, off-site backup solution.