Table of contents
Start for free
Skiff Team / 6.10.2022Home / guides
Is Microsoft OneDrive end-to-end encrypted?
Microsoft OneDrive reportedly has over 250 million users across businesses, governments, and individuals. How secure is it?
Microsoft OneDrive is a cloud-based storage service that is included with a Microsoft account. It allows users to store and share files, as well as sync files across all of their devices. OneDrive is integrated with Office 365 and Windows 10, making it a convenient way to store and access files from anywhere.
Comparing OneDrive with other cloud storage providers
MicrosoftOneDrive is a cloud-based file storage and synchronization service that was released in 2014. It allows users to store files and personal data in the cloud, as well as sync files across devices. OneDrive offers 5 GB of storage for free, with paid plans starting at 50 GB. OneDrive also includes features such as file versioning, basic file encryption (more info on this below), and the ability to set access permissions. OneDrive traces its root to a previous Microsoft storage product - SkyDrive - that was launched in 2007.MicrosoftOneDrive, Google Drive, and Dropbox all offer online storage and synchronization of files between devices. This includes compatibility across most consumer platforms, including Apple’s iOS, Android, Windows (naturally), and iPad tablet and mobile apps as well. However, OneDrive has a few different features related to the Microsoft ecosystem and their larger suite of enterprise products. Unsurprisingly, OneDrive offers a deep integration with Microsoft Office apps, allowing users to edit Word, Office, and other documents directly in the web browser. Although the Office suite was late to the real-time collaboration world compared to Google, the products have now evolved to support fully web native collaboration. OneDrive also offers a "Fetch" feature, which allows users to access files stored on their PC from a remote location, which can be helpful as a storage solution for many users. The product also integrates with. Microsoft’s SharePoint product for sharing files, folders, and content with external organizations.In contrast, Google Drive offers similar features to OneDrive and Dropbox, but also includes integration with Google's suite of productivity apps (Docs, Sheets, Slides, etc.); Dropbox has their own on-platform editor known as Dropbox Paper. Dropbox, Google Drive, and other storage providers, such as Box, offer similarly priced cloud storage services and functionality.Google Drive and OneDrive have very similar pricing structures. Both offer a free tier with limited storage, and both charge for additional storage. OneDrive offers slightly more storage for the same price as Google Drive. For example, OneDrive offers 1 TB of storage for $7 per month, while Google Drive charges $10 per month for 1 TB of storage.Comparing encryption and end-to-end encryption
MicrosoftOneDrive supports encryption at rest and encryption in transit - but not zero-knowledge end-to-end encryption. Encryption at rest means that your data is encrypted when it is stored, such as with AES-256 bit encryption. Encryption in transit means that your data is encrypted when it is sent over the network using TLS and SSL protocols. TLS is a security protocol that provides privacy and data integrity between two communicating computer applications. It is the most widely-deployed security protocol used today, and is used in web browsers and web servers, as well as in many other applications that require data to be securely exchanged over a network.While encryption at rest and encryption in transit are important, they are largely baseline requirements for any cloud application these days. In contrast, end-to-end encryption yields significantly stronger security protections, as only you can read your data.End-to-end encryption is a type of encryption where only the sender and the receiver can read the messages. This is in contrast to other types of encryption, where the server in the middle can also read the messages. End-to-end encryption is used in messaging apps like WhatsApp and Signal, as well as in email programs like Skiff.The advantage of end-to-end encryption is that it protects the privacy of the messages being sent. Even if the server in the middle is compromised, hackers would not be able to read the messages since they are encrypted. This means that end-to-end encryption is a very effective way to protect your privacy. Another advantage of end-to-end encryption is that it makes it very difficult for anyone to spy on an individual, including law enforcement. Since the messages are encrypted, service providers or anyone else with access to hard drives or encrypted data would not be able to read users’ files, even if they wanted to. This is a major advantage for people who value personal privacy and data security.The best end-to-end encrypted cloud storage
Skiff: Skiff is an end-to-end encrypted, privacy-first collaboration and email platform that includes file upload, storage, and sharing. The product is completely end-to-end encrypted, meaning that your encryption keys are private to you - and never shared with Skiff or anyone else. Skiff also provides additional security features, including password protected documents, as well as native applications for iOS, Android, and more platforms.Tresorit: Tresorit is another popular end-to-end encrypted storage provider. The platform focuses more on syncing folders or files from your desktop to the web; it also offers easy-to-use native applications for mobile devices, tablets, and more devices.For more information comparing providers, check out our longer blog on encrypted cloud storage providers here, or our favorite encrypted note taking apps as well. These blogs provide additional context on how end-to-end encryption is helpful across different use cases, from businesses with client data to families protecting personal files.Using the full Skiff product suite
Beyond end-to-end encrypted storage, Skiff offers Pages, Calendar, and Mail products for collaboration and communication.Every Skiff Mail user gets unrestricted access to the following products:- Skiff Drive (all data end-to-end encrypted, unlike OneDrive)
- Skiff Pages (for wikis, notes, documents, and real-time collaboration)
- Skiff Calendar (integrates natively with Skiff Mail)
| Features | Free | Pro | Business |
| Drive storage | 10 GB | 100 GB | 1 TB |
| Sending messages (limit) | 200/day | Unlimited | Unlimited |
| Folders and labels | 5 | Unlimited | Unlimited |
| Custom signatures | |||
| Auto reply | |||
| Schedule or undo send | |||
| Email + doc text search | |||
| E2EE link sharing | |||
| Document limit | Unlimited | Unlimited | Unlimited |
| Skiff.com aliases | 4 | 10 | 15 |
| Custom domains | 0 | 2 | 5 |
| Workspace collaborators | 6 | 6 | Unlimited |
| Doc version history | 24 hours | Unlimited | Unlimited |
More cloud storage security tips
In this section, we’ll review a few more security tips when selecting a cloud provider, such as OneDrive.1. Use a strong password: This may seem like an obvious one, but it’s important to use a strong password for your cloud storage account. A strong password should be at least 8 characters long and include a mix of uppercase and lowercase letters, numbers, and special characters. More info on strong passwords, as well as password managers, is in our blog.2. Enable two-factor authentication: Two-factor authentication (2FA) is an extra layer of security that requires you to enter a code from your phone in addition to your password when logging into your account. This makes it much harder for someone to hack into your account, even if they know your password, as it prevents unauthorized access without the second factor.3. Be careful what you store in the cloud: Just like you wouldn’t store sensitive information on your computer or phone, you should be wary of storing sensitive information in the cloud. This includes things like your social security number, bank account information, and credit card numbers. If you choose an end-to-end encrypted provider, like Skiff, you should have more confidence that your data is private to you.4. Read privacy policies and terms of service: Particularly on a provider that is not end-to-end encrypted - like OneDrive - understanding terms of service and privacy policies are critical to knowing when your sensitive data may be accessed and how a provider manages data privacy. We wrote more about this in our blog on end-to-end encrypted storage providers.Comparing OneDrive with other cloud storage providers
MicrosoftOneDrive is a cloud-based file storage and synchronization service that was released in 2014. It allows users to store files and personal data in the cloud, as well as sync files across devices. OneDrive offers 5 GB of storage for free, with paid plans starting at 50 GB. OneDrive also includes features such as file versioning, basic file encryption (more info on this below), and the ability to set access permissions. OneDrive traces its root to a previous Microsoft storage product - SkyDrive - that was launched in 2007.MicrosoftOneDrive, Google Drive, and Dropbox all offer online storage and synchronization of files between devices. This includes compatibility across most consumer platforms, including Apple’s iOS, Android, Windows (naturally), and iPad tablet and mobile apps as well. However, OneDrive has a few different features related to the Microsoft ecosystem and their larger suite of enterprise products. Unsurprisingly, OneDrive offers a deep integration with Microsoft Office apps, allowing users to edit Word, Office, and other documents directly in the web browser. Although the Office suite was late to the real-time collaboration world compared to Google, the products have now evolved to support fully web native collaboration. OneDrive also offers a "Fetch" feature, which allows users to access files stored on their PC from a remote location, which can be helpful as a storage solution for many users. The product also integrates with. Microsoft’s SharePoint product for sharing files, folders, and content with external organizations.In contrast, Google Drive offers similar features to OneDrive and Dropbox, but also includes integration with Google's suite of productivity apps (Docs, Sheets, Slides, etc.); Dropbox has their own on-platform editor known as Dropbox Paper. Dropbox, Google Drive, and other storage providers, such as Box, offer similarly priced cloud storage services and functionality.Google Drive and OneDrive have very similar pricing structures. Both offer a free tier with limited storage, and both charge for additional storage. OneDrive offers slightly more storage for the same price as Google Drive. For example, OneDrive offers 1 TB of storage for $7 per month, while Google Drive charges $10 per month for 1 TB of storage.Comparing encryption and end-to-end encryption
MicrosoftOneDrive supports encryption at rest and encryption in transit - but not zero-knowledge end-to-end encryption. Encryption at rest means that your data is encrypted when it is stored, such as with AES-256 bit encryption. Encryption in transit means that your data is encrypted when it is sent over the network using TLS and SSL protocols. TLS is a security protocol that provides privacy and data integrity between two communicating computer applications. It is the most widely-deployed security protocol used today, and is used in web browsers and web servers, as well as in many other applications that require data to be securely exchanged over a network.While encryption at rest and encryption in transit are important, they are largely baseline requirements for any cloud application these days. In contrast, end-to-end encryption yields significantly stronger security protections, as only you can read your data.End-to-end encryption is a type of encryption where only the sender and the receiver can read the messages. This is in contrast to other types of encryption, where the server in the middle can also read the messages. End-to-end encryption is used in messaging apps like WhatsApp and Signal, as well as in email programs like Skiff.The advantage of end-to-end encryption is that it protects the privacy of the messages being sent. Even if the server in the middle is compromised, hackers would not be able to read the messages since they are encrypted. This means that end-to-end encryption is a very effective way to protect your privacy. Another advantage of end-to-end encryption is that it makes it very difficult for anyone to spy on an individual, including law enforcement. Since the messages are encrypted, service providers or anyone else with access to hard drives or encrypted data would not be able to read users’ files, even if they wanted to. This is a major advantage for people who value personal privacy and data security.The best end-to-end encrypted cloud storage
Skiff: Skiff is an end-to-end encrypted, privacy-first collaboration and email platform that includes file upload, storage, and sharing. The product is completely end-to-end encrypted, meaning that your encryption keys are private to you - and never shared with Skiff or anyone else. Skiff also provides additional security features, including password protected documents, as well as native applications for iOS, Android, and more platforms.Tresorit: Tresorit is another popular end-to-end encrypted storage provider. The platform focuses more on syncing folders or files from your desktop to the web; it also offers easy-to-use native applications for mobile devices, tablets, and more devices.For more information comparing providers, check out our longer blog on encrypted cloud storage providers here, or our favorite encrypted note taking apps as well. These blogs provide additional context on how end-to-end encryption is helpful across different use cases, from businesses with client data to families protecting personal files.More cloud storage security tips
In this section, we’ll review a few more security tips when selecting a cloud provider, such as OneDrive.1. Use a strong password: This may seem like an obvious one, but it’s important to use a strong password for your cloud storage account. A strong password should be at least 8 characters long and include a mix of uppercase and lowercase letters, numbers, and special characters. More info on strong passwords, as well as password managers, is in our blog.2. Enable two-factor authentication: Two-factor authentication (2FA) is an extra layer of security that requires you to enter a code from your phone in addition to your password when logging into your account. This makes it much harder for someone to hack into your account, even if they know your password, as it prevents unauthorized access without the second factor.3. Be careful what you store in the cloud: Just like you wouldn’t store sensitive information on your computer or phone, you should be wary of storing sensitive information in the cloud. This includes things like your social security number, bank account information, and credit card numbers. If you choose an end-to-end encrypted provider, like Skiff, you should have more confidence that your data is private to you.4. Read privacy policies and terms of service: Particularly on a provider that is not end-to-end encrypted - like OneDrive - understanding terms of service and privacy policies are critical to knowing when your sensitive data may be accessed and how a provider manages data privacy. We wrote more about this in our blog on end-to-end encrypted storage providers.Related articles
Andrew MilichWhat's the best encrypted cloud storage provider?Choosing a cloud storage provider? Consider these platforms, security guidelines, and tips when setting up your account.
Skiff TeamThe most private web browsersBrowsers are our portal to everything we do online. How can we use them securely and privately?
Skiff TeamIs Dropbox end-to-end encrypted?Almost a billion people use Dropbox for for cloud storage, to share files, and to collaborate. Is it secure?
Skiff TeamIs Google Drive end-to-end encrypted?Over a billion people use Google Drive. Is Google Drive secure, encrypted, and end-to-end encrypted?
Skiff TeamEncrypted collaboration toolsSecurity and privacy have become necessities when collaborating online. What are the best encrypted collaboration tools?
Peter LuThe best encrypted note taking apps in 2023We store more private information in our note-taking apps than in our homes. What are the best encrypted notes apps with fantastic privacy and best-in-class features?
