File encryption at rest.
Allow files to be encrypted at rest like OneDrive for Business. The user should hold the key for the encryption.
As of the end of 2014 OneDrive content is encrypted at rest and in transit – details were announced in 2013 here – https://blogs.microsoft.com/blog/2013/12/04/protecting-customer-data-from-government-snooping/
It is unacceptable that encryption at rest is not available for home users!
It is alarming a program manager at Microsoft is either unaware that encryption at rest is not available for OneDrive personal customers or is intentionally lying to people. Dropbox and Google Drive both encrypt files in-transit AND at-rest. Microsoft will claim they follow security protocols and what not but encryption at rest is obviously necessary or why would they offer it to their business customers? Office 365 is a pretty good offering, but I just cannot store sensitive information on OneDrive if this is their security policy.
Chris Squibb commented
This support article seems to contradict the "it's done", at least for Personal OneDrive. Please comment.
nick smith commented
To ensure security of my data, onedrive OR outlook email & contacts, the data should be encrypted on Microsoft hosted servers
Agreed, please offer encryption at rest and I will move everything over to OneDrive.
Simon Perdrisat commented
So Microsoft maintain a business version with encryption and a personal version without. I was going to buy a personal subscription but I will not.
I will also advise my university not to subscribe for MS 365. Even if they will benefit from the encryption, it's not acceptable to endorse such insecure behaviour.
Encryption at rest and two factor authentication is the minimum. But from Microsoft I was waiting for the possibility to give my own key.
I completely agree.. I only recently found out about files not being encrypted at rest... I have two microsoft accounts... work and personal... For work I dont mind as its all research papers, cpd, training etc which although identifiable NOT sensitive... but my personal account with bank, mortgage etc... moving to dropbox... encrypted at rest and two factor authentication.
Come on Microsoft... encryption at rest is the most basic of security features.
MS won't encrypt data at-rest because then they can't snoop through it as easily and hand it over to the NSA.
I was just looking into switching from Dropbox to the OneDrive 5TB option, but the lack of at-rest encryption in any form is a non-starter for me. It's baffling to me that it's available for Business users but not home users!
This is a key feature preventing me from migrating away from Dropbox. Baffling that Microsoft won't take this basic step to protect user data.
If google and Dropbox can encrypt the files at rest why can't onedrive and google drive is encrypted at rest and they can still provide very fast file sharing and file sync even there note app google keep is encrypted at rest!
Dan Davies commented
Dropbox and Google drive do this as standard for user accounts
Ralf Weyer commented
Yes, that would indeed be great. There should be a full encryption available for all Microsoft Cloud a.k.a Office 365 Home services. Files in OneDrive should be encrypted (at rest for example via BitLocker)), as well as the mail on Outlook.com (at rest for example with BitLocker) and during send/receive (via TLS). All encryption and decryption should happen on the users device before uploading and after downloading.
Rob Daly commented
I would love to move from Dropbox to Onedrive for my main cloud storage for the better integration with Office but unfortunately I refuse to do that until at rest encryption is implemented on personal accounts. I should not have to use Onedrive for Business for my data to be stored securely.