Applies ToSharePoint in Microsoft 365 Microsoft 365 admin OneDrive (home or personal) SharePoint admin center

You can use OneDrive and SharePoint to create, manage and share files, making them ideal for collaborative work. With OneDrive and SharePoint, you can save your files across multiple devices and access them from anywhere. You can also work in real-time with others, as well as share files securely with external parties.

Watch: When to use OneDrive vs. SharePoint

Your browser does not support video. Install Microsoft Silverlight, Adobe Flash Player, or Internet Explorer 9.

OneDrive is a cloud-storage platform where you can store your individual or personal files. OneDrive is tightly integrated with apps like Word, Excel and PowerPoint which makes it a convenient place to store and access your sensitive documents securely.

Use OneDrive when you want to create a document that is only yours, for example, when working on highly sensitive or private information.

To get started with One Drive, sign-in to your Microsoft account or sign up for one, download and install the OneDrive desktop app, then follow the prompts to sign in and select the folders you want to sync to the cloud. 

SharePoint is a collaboration tool used to manage and share files and information across an organization. SharePoint allows multiple users to collaborate in one central location.

Use SharePoint when you need to create a document that will be written and managed by a team of people or when it needs to be shared broadly. For example, use it as a centralized location for team members to view project timelines, tasks, and milestones. This allows teams to track progress, stay on schedule, and collaborate more efficiently.

  • To create a new file in SharePoint, navigate to the document library where you want to create the file and click on the New button.

  • To manage files, check out a file to make changes to it, and then check the file back in when you're done.

  • To share files, click on the file and select Share. You can also collaborate in real-time by opening the file in the appropriate application, such as Word or Excel, and enabling co-authoring. To view previous versions of a file, click on the file and select Version History. Learn more about how to manage files in SharePoint.

Regulate access of internal, vendors, contractors, and external parties  

To ensure that only authorized users have access to sensitive files and data in OneDrive and SharePoint:

  • Define access policies for different types of users such as internal, vendors, contractors, and external parties. For example, you can create an access policy that allows only certain employees to access confidential information, such as financial data or customer information. You can also specify the type of data they can access, how they can access it, and for how long. This ensures that only authorized users have access to sensitive files and data.

  • Use permissions and roles to control access to specific files or folders. For example, grant read-only access to a team member who needs to view files but not make changes, such as someone not directly involved in the project but needing to stay informed. By defining these permissions and roles, you can ensure that only authorized users have access to sensitive information and that they can only view and edit files that they have been granted access to.

  • Use multi-factor authentication to ensure that only authorized users can access sensitive data. This can include requiring users to provide a password and a code sent to their mobile device or email.

  • Monitor access and usage of your OneDrive and SharePoint environment to detect and prevent unauthorized access or usage. For example, by reviewing user activity logs, you can identify any unusual activity, such as unauthorized access attempts, and take action to prevent data breaches.

  • Implement encryption for sensitive data to ensure that even if someone gains unauthorized access to the data, they can't read it without the decryption key. This can help to prevent data breaches, protect customer data, and ensure compliance with data privacy regulations.

  • Set expiration dates for shared links to ensure that access is automatically revoked after a certain period. For example, if you share a contract with a vendor or contractor and want to ensure that the vendor or contractor only has access to the document for a limited time, you can set an expiration date and access to the document will be automatically revoked after the set period. This reduces the risk of the document being accessed by unauthorized parties.

By implementing these measures, you can regulate access of internal, vendors, contractors, and external parties in OneDrive and SharePoint and keep your data secure. Learn more about how to safeguard your data.

Reduce OneDrive and SharePoint vulnerabilities  

While OneDrive and SharePoint offer many security features to protect against data breaches, there are still several key vulnerabilities that can affect the security of these entities:

  • Phishing attacks can trick users into giving away their login credentials, which can then be used to access OneDrive or SharePoint.

  • Weak passwords can also be easily guessed or cracked, leading to unauthorized access.

  • Malware can be used to steal login credentials, capture sensitive data, or take control of a user's device, which can compromise OneDrive or SharePoint.

  • Insider threats, such as employees intentionally or accidentally sharing sensitive data with unauthorized parties, can also pose a risk to OneDrive or SharePoint. Learn more about how to manage insider risk.

To mitigate these vulnerabilities, it is important to implement security best practices, educate users, and regularly review and audit user permissions. It is also crucial to have a comprehensive incident response plan in place to quickly respond to any security incidents that may occur.

Need more help?

Want more options?

Explore subscription benefits, browse training courses, learn how to secure your device, and more.

Communities help you ask and answer questions, give feedback, and hear from experts with rich knowledge.