Microsoft Hardens One Drive Security
Microsoft has announced changes to OneDrive that will protect cloud-stored documents with an additional layer of security.
"OneDrive Personal Vault" - was hailed as a special protected partition of OneDrive where users could lock their private or sensitive files. They would access that area only after a second step of identity verification, ranging from a fingerprint or face scan, a one-time code texted to the user's smartphone or the use of the Microsoft Authenticator mobile app.
General manager for Microsoft 365 (Seth Patton) says this move creates a failsafe so that "in the event that someone gains access to your account or your device," the files within the vault would remain sacrosanct.
Access to the vault will also be on a timer, Patton said, that locks the partition after a user-set period of inactivity. Files opened from the vault will also close when the timer expires.
As the feature's name implied, the vault is only for OneDrive Personal, the consumer-grade storage service, not for the OneDrive for Business available to commercial customers. Although OneDrive Personal is a free service - albeit with a puny 5GB of storage - many come to it from the Office 365 subscription service. There, users are allotted 1TB of OneDrive space. (The single stand-alone plan is $2 per month for 50GB.)
On Windows 10 machines, the Personal Vault synchronizes to a BitLocker-encrypted section of local storage; think of it as a specially-encrypted folder. Like OneDrive for Business, OneDrive Personal encrypts data during transit between the PC and Microsoft server (and back), as well as when the data is "at rest" (on Microsoft's server).
OneDrive for Business does not have a vault feature and is unlikely to get one. That should not come as a surprise, as it would allow employees to store data where the company and its IT staff had no visibility.
Because OneDrive Personal is associated with Office 365 Home and Office 365 Personal, and because those consumer-appropriate subscription plans are not licensed for work-related tasks, on purely legal grounds, the vault isn't suitable for storing business documents and files. The truth, however, is that those Office rent-not-buy programs are often used by very small businesses and sole proprietors.
OneDrive Personal Vault would, in that context, be a suitable location for crucial business documents and data, such as customer contact lists and accounting software data files.
Microsoft's Patton said that OneDrive Personal Vault would be available "soon" to customers in Australia, Canada and New Zealand, then extended to all by the end of the year.