Dream Firms Talks 03/2023


Topic: Basics / OneDrive Security

Basic Security

  • 12 Character Minimum for all passwords.
    • Anything 8 characters or less is vulnerable to immediate brute force attacks.
    • Complexity – Must include: 
      • Upper Case Characters (ASDF…)
      • Lower Case Characters (asdf…)
      • Numbers (1234…)
      • Symbols (!#$%…)
    • Last Changed – Change at least Twice a Year best practice
  • Businesses should use Premium Business versions of Anti-Malware software.
    • Premium Version on every work system
    • BitDefender or Malwarebytes are both good options
    • Make sure it is updated regularly.
  • Don’t use Gmail as your business email. Businesses should have their own domain.
  • Employee training is a very important part of your Cyber Security plan. Training frequency should be at least twice a year.
  • Monitor your internal networks and systems for alerts and changes. 

What is OneDrive?

  • OneDrive is a cloud-based file sharing platform that allows users to securely store and share data.
    • In 2022, more than 60% of all corporate data is stored in the cloud. Microsoft OneDrive is one of the most popular cloud storage platforms.
    • OneDrive offers some protection features for personal and enterprise users. These features help reduce the risk of cyberthreats, minimize data loss and give you optimal control over your files.

Common Mistakes

  • Weak Credential Management
    • Weak and/or Re-Used Passwords
      • If you’d like more information, our last presentation covered Password Management. We’ll paste the link to our Blog where you can read the transcripts from each CyberFriday Talk. 
    • Lack of Access Controls
      • Shared files left open to edit by all.
      • No individual folder security – all users can access all files.
    • No Off-Boarding procedure to revoke rights when employees leave.
  • Outdated Operating System and Applications
  • Unsecured use through Public WIFI
    • Should have a policy against using Public WIFI on any device that connects to the corporate network.

Best Practices

  • Credential Management
    • Use Strong Passwords
    • Use 2FA – 2 Factor Authentication
    • Set up Access Permissions and Privileges
      • Assign specific permissions for different users and monitor access logs
      • Limit access to confidential data by granting only the necessary permissions for specific roles.
    • Avoid storing passwords, payment data and other critical files on OneDrive, especially in shared folders. 
    • Administrators should use regular accounts when sending emails, editing documents or sharing files on OneDrive rather than their admin accounts.
  • Use a HotSpot when traveling
    • Use a VPN if you must use public WIFI.
  • Install a third-party backup solution
    • The built-in OneDrive security tools do not provide comprehensive protection and do not guarantee recoverability.
    • OneDrive is a file sharing platform and should not be your only backup solution. We strongly recommend adding a reliable off-site backup solution.
  • Install security patches and updates
    • Helps avoid security gaps and software vulnerabilities.

Security Features

  • OneDrive includes both Threat Monitoring and Breach Prevention features
  • Ransomware detection 
    • OneDrive alerts Microsoft 365 subscribers when a ransomware or malicious attack is detected.
  • Suspicious activity monitoring
    • Suspicious sign-in attempts are blocked and you receive a notification in case an unusual activity is detected on your account.
  • OneDrive encryption – At Rest and In Transit
    • Disk-level encryption is used at rest and each file is encrypted using a unique AES256 key. 
    • Transport layer security (TLS) encryption protects network communications between users and data centers. TLS requires HTTPS connections.
  • Access control
    • Files and folders can be shared with specific users and you can define the role of each user.
    • Password-protected files can keep your files secured by requiring a password to access them.
    • Expiring links allow you to set an expiration date on the links you share with other users.
  • Data recovery and durability
    • OneDrive provides built-in tools that help you recover data in case it is lost.
    • Data is mirrored into at least two different Azure regions, which are at least several hundred miles away from each other.
    • Version history – You can restore a previous version of a file if you happen to delete it or write unwanted changes to it.
    • Ransomware recovery – OneDrive for Business allows you to recover individual files or restore your entire OneDrive for up to 30 days following a ransomware attack.
    • These features are DO NOT guarantee data recovery or data availability, which is why we strongly recommend researching and using a third-party, off-site backup solution. 

Contact Us

For decades, we have been helping clients dealing with legal issues of all sorts. Our firm is committed to simplifying the legal process and achieving effective results for each client.

"*" indicates required fields

This field is for validation purposes and should be left unchanged.