Microsoft OneDrive Update is a Risk to Business
Microsoft's new OneDrive feature could risk business data security by syncing with personal accounts. Implement preventative policies before the June rollout.
Telephone: 01527 880088
Option 1: Technical Support
Option 2: Sales & General Enquiries
The feature, officially called “Prompt to Add Personal Account to OneDrive Sync,” allows users to bypass traditional security policies.
While designed to streamline file access, this update has raised significant security concerns as it could result in business data being easily transferred out of corporate environments and ending up in the wrong hands.
Microsoft will enable the feature in June. It detects personal accounts on business devices. Users will then receive a notification to synchronise their OneDrive files. When users accept the notification, their files will automatically start synchronising alongside their business OneDrive environment without additional configuration.
This means that if a user logs in with a personal Microsoft account on a business device, they will receive a notification to link the account by default.
The user is responsible for giving permission, however, accepting the notification may seem convenient or easy if they are unaware of the risk.
Security experts warn that this feature poses a significant risk to the transfer of sensitive business data to personal, unmanaged environments.
Once synced it will enable users to easily copy files from their business OneDrive to their personal account and vice versa. The automatic syncing feature lacks inherent controls and logging mechanisms, making it difficult to monitor or restrict data transfers between personal and corporate accounts.
Consequently, it creates a substantial risk of sensitive corporate data being unintentionally or maliciously transferred to personal, unmanaged OneDrive account.
We’re strongly advising that clients implement preventative policies before the rollout to avoid these risks. The following actions can be taking to mitigate the risks associated with this new feature:
DisableNewAccountDetection: This policy suppresses the prompt for users to add their personal accounts while allowing them to manually configure their accounts if required.
DisablePersonalSync: This policy completely prevents users from syncing their personal OneDrive accounts on corporate devices.
Use Intune Settings: If using Microsoft Intune, administrators can enable the setting to prevent users from syncing personal OneDrive accounts, which may also help block the prompt.
Registry Changes: It’s recommended to set specific registry keys on client devices to disable the OneDrive personal prompt.
Technical Drive are experts in managing and maximising Microsoft and can implement the measures required to prevent or remove the OneDrive Sync from occurring on your users accounts in order to protect your organisation's data and maintain compliance.
If you’d like Technical Drive to implement these actions for your organisation, please get in touch today!
Prepare for the future: upgrade to Windows 11 Pro before Windows 10 reaches End of Life!
High-profile breaches at Co-op, Marks & Spencer, and Harrods show that all businesses, especially smaller ones, need robust Cyber Security measures.
Cyber Security is on the rise, and every business is a target. Discover who should take responsibility within your small or medium-sized business and how to protect your organisation effectively.
Technical Drive proudly announces the re-certification of ISO 27001, ISO 9001, and Cyber Essentials, underscoring our commitment to quality, security, and excellence.
On 7th June, Adam, Sam, Ben, Amy and Elizabeth from our Technical Drive team completed a 40km walk-and-canoe challenge for SMA UK’s ’40 for 40’ campaign.
Future-proof your business with SharePoint Online. Discover expert migration support from Technical Drive.
As your Managed IT Service Partner, we take responsibility to proactively help you drive your business forward through technology. With our fast, responsive, and strategic team we can digitally transform organisations to drive productivity, profitability, and success. Sign up to receive helpful advice and industry news that could affect your IT, data storage and communications.
Is your current company not performing, not being proactive, not getting value for money? Or perhaps you have an urgent problem?