Microsoft OneDrive Update is a Risk to Business
Microsoft's new OneDrive feature could risk business data security by syncing with personal accounts. Implement preventative policies before the June rollout.
.jpg)
Microsoft is Rolling Out a New OneDrive Feature that Syncs Data from Personal Accounts with Business Accounts
The feature, officially called “Prompt to Add Personal Account to OneDrive Sync,” allows users to bypass traditional security policies.
While designed to streamline file access, this update has raised significant security concerns as it could result in business data being easily transferred out of corporate environments and ending up in the wrong hands.
What is Happening?
Microsoft will enable the feature in June. It detects personal accounts on business devices. Users will then receive a notification to synchronise their OneDrive files. When users accept the notification, their files will automatically start synchronising alongside their business OneDrive environment without additional configuration.
This means that if a user logs in with a personal Microsoft account on a business device, they will receive a notification to link the account by default.
The user is responsible for giving permission, however, accepting the notification may seem convenient or easy if they are unaware of the risk.
Security Risk with Automatic Sync of OneDrive
Security experts warn that this feature poses a significant risk to the transfer of sensitive business data to personal, unmanaged environments.
Once synced it will enable users to easily copy files from their business OneDrive to their personal account and vice versa. The automatic syncing feature lacks inherent controls and logging mechanisms, making it difficult to monitor or restrict data transfers between personal and corporate accounts.
Consequently, it creates a substantial risk of sensitive corporate data being unintentionally or maliciously transferred to personal, unmanaged OneDrive account.
Limit Your Risk
We’re strongly advising that clients implement preventative policies before the rollout to avoid these risks. The following actions can be taking to mitigate the risks associated with this new feature:
-
DisableNewAccountDetection: This policy suppresses the prompt for users to add their personal accounts while allowing them to manually configure their accounts if required.
-
DisablePersonalSync: This policy completely prevents users from syncing their personal OneDrive accounts on corporate devices.
-
Use Intune Settings: If using Microsoft Intune, administrators can enable the setting to prevent users from syncing personal OneDrive accounts, which may also help block the prompt.
-
Registry Changes: It’s recommended to set specific registry keys on client devices to disable the OneDrive personal prompt.
How Can Technical Drive Help?
Technical Drive are experts in managing and maximising Microsoft and can implement the measures required to prevent or remove the OneDrive Sync from occurring on your users accounts in order to protect your organisation's data and maintain compliance.
If you’d like Technical Drive to implement these actions for your organisation, please get in touch today!
Call Us on 01527 880088
Get in Touch Online
Featured blogs
Is Your Business Ready for Windows 10 End-of-Life?
Prepare for the future: upgrade to Windows 11 Pro before Windows 10 reaches End of Life!
Read more
How Recent Cyber Attacks on UK Retailers Could Happen to any Business
High-profile breaches at Co-op, Marks & Spencer, and Harrods show that all businesses, especially smaller ones, need robust Cyber Security measures.
Read more
With Cyber Security, It’s Not If but When!
Cyber Security is on the rise, and every business is a target. Discover who should take responsibility within your small or medium-sized business and how to protect your organisation effectively.
Read more
.jpg)
Technical Drive Achieves ISO 27001, ISO 9001, and Cyber Essentials Re-certification
Technical Drive proudly announces the re-certification of ISO 27001, ISO 9001, and Cyber Essentials, underscoring our commitment to quality, security, and excellence.
Read more
.jpg)
40km, 5 Teammates, 1 Amazing Cause! The Technical Drive Canoe Highlights
On 7th June, Adam, Sam, Ben, Amy and Elizabeth from our Technical Drive team completed a 40km walk-and-canoe challenge for SMA UK’s ’40 for 40’ campaign.
Read more
Why Now’s the Time to Migrate to SharePoint Online
Future-proof your business with SharePoint Online. Discover expert migration support from Technical Drive.
Read more
Email sign up
As your Managed IT Service Partner, we take responsibility to proactively help you drive your business forward through technology. With our fast, responsive, and strategic team we can digitally transform organisations to drive productivity, profitability, and success. Sign up to receive helpful advice and industry news that could affect your IT, data storage and communications.
Get in touch
Is your current company not performing, not being proactive, not getting value for money? Or perhaps you have an urgent problem?