If your organization is planning a migration to Microsoft 365, or are already using this cloud service, you will want to be very familiar with Microsoft’s offerings, and the admin controls that will help you customize the service for your organization’s needs.
In this article, we’ll specifically address OneDrive, which is Microsoft's storage service for hosting files in the cloud.
SharePoint Vs OneDrive
For enterprise clients, you might have access to both OneDrive and SharePoint and wonder what the differences between the two are because, with both, you are able to store files in the cloud.
While OneDrive and SharePoint have overlapping features, the two have some differences in functionality. Depending on your needs, one may serve your organization better than the other.
SharePoint is more of a collaboration tool. Similar to Google Drive, files stored in SharePoint are accessible to every user on your team (or that you grant access to). This is an effective platform to utilize if you’re working in teams and frequently collaborating on files and webpages. In addition to collaboration features, SharePoint also has CMS, portals, pages, and dashboards available. So, depending on your company’s needs and goals, one, or both may be sufficient.
According to Microsoft, OneDrive is the “files experience” for Microsoft 365 and SharePoint Server. OneDrive allows employees access to all of your personal work or school files, and the files that people share with you.
OneDrive works best as a storage system. If you’re working alone on a document or file, OneDrive is an effective interface to utilize. There, your files will be stored and are readily available on whatever device you use. If you’d like to share your OneDrive files with other users, that’s also possible.
Accessing OneDrive for Administrators
OneDrive for Business is a part of Microsoft 365, but has a separate admin center that can be accessed directly at https://admin.onedrive.com.&nb...;
In this admin center, there are seven main features available for use. You can configure the following options below to best suit your needs. (And, remember to always hit “Save” when making changes.)
You have control over how and with whom your users are sharing information in both OneDrive and SharePoint.
For example, you’ll have options to share links:
- Direct: This method is specific to who you are sharing a link with. It is connected to their username or email.
- Internal: Internal sharing allows you to share a link with anyone who is part of your organization.
- Shareable: This type of sharing allows you to share a link within your organization and externally. When sharing externally, there are four types of permissive sharing settings.
New and existing users
Existing external users
Only users in your organization
Users can share links that don’t require the receiving party to sign in.
Any external uses will have to sign in for access.
Users that are in your organization’s directory.
No external sharing.
There are also a few advanced settings that may be relevant or helpful to your organization:
- Link expiration: For externally shared links, you can set a link to expire after a certain amount of days. This helps protect your data and limits access.
- Limited permissions: When sharing a link, you can also set limited permissions on the files and folders you’re sharing with another party. You can allow (or not allow) them to: view only, view and edit, and/or upload.
Sync allows you to control and limit what files are able to be synced through a user’s OneDrive account and their desktop. You can also remove the sync option altogether. However, if your organization is working remotely, even semi-permanently, it might be a good idea to allow sync options so that all of a user’s documents are available in their OneDrive and SharePoint.
Under Sync options, there are three control options available:
- Show the Sync button on the OneDrive site
- Allow syncing only on PCs joined to specific domains
- Block syncing of specific file types
With storage, you can stay on top of how much storage your organization is using and has left before hitting your limit. You also have the ability to set default storage limits for users and retention for deleted users. For users, this typically ranges from 1 to 5 terabytes. Storage also ranges depending on the type of plan your organization has. Under this setting, you can set the amount of days data of a deleted user is stored before permanent deletion.
It’s important to note that while Microsoft 365 will store your data, it doesn’t 100% back up your data. Consider using a third-party cloud-based SaaS backup system, like Backupify, if you haven’t already.
4. Device Access
Control the devices and specific locations your users can have access to their files. Under this feature, you’ll have a few different options as seen below. In addition, you can also set controls to require users to re-sign in every seven days and/or encrypt app data when the device is locked. According to Microsoft, this includes:
- Control access based on network location. This allows access only from specific IP address locations.
- Control access from apps that can’t enforce device-based restrictions. This allows access from apps that don’t use modern authentication.
Under device access settings, you’ll also find Mobile Application Management. These settings can be used to control access to features in OneDrive and SharePoint mobile apps on Android and iOS devices. Any policies you created in Intune will automatically take precedence for selected users. Here, you have several different options, such as block downloading files in the apps and requiring an app passcode.
Under the compliance page, Microsoft provides links to other compliance and security features like:
- Data loss prevention
These are each adjustable to best fit your company’s needs, especially for businesses that have legal, regulatory, and technical requirements.
This feature allows you to control email and device notification settings. You can set up an array of different notification controls, depending on your user needs. You can also allow users to configure their own notifications as well.
Under Notifications, you’ll be able to set up email notifications when the following actions occur, according to Microsoft that includes:
- Other users invite additional external users to shared files
- External users accept invitations to access files
- An anonymous access link is created or changed
7. Data Migration
Migrating data is an unavoidable process an organization will take when moving to Microsoft 365. Whether you’re migrating data from another cloud-based system or directly from your device, you’re able to control this process on this page. Learn more about data migration using SharePoint here.
Are You Going Through a Migration?
While OneDrive and SharePoint offer companies a plethora of options and functionalities, It’s important to remember that during a migration, Microsoft’s native capabilities might not be enough.
Specifically, Microsoft says of its shared responsibility model:
“We strive to keep the Services up and running; however, all online services suffer occasional disruptions and outages, and Microsoft is not liable for any disruption or loss you may suffer as a result. In the event of an outage, you may not be able to retrieve Your Content or Data that you’ve stored. We recommend that you regularly backup Your Content and Data that you store on the Services or store using Third-Party Apps and Services.”
That means, as you’re going through a migration, Microsoft can’t -- and won’t -- help you recover data lost from malware, hardware failures, or human error.
By implementing a third-party backup service throughout your migration process, you are maximizing your protection against permanent data loss.
Backupify is the premier solution for protecting your organization against the Shared Responsibility model. Request a free demo here to see for yourself.