Is my data safe in Microsoft 365?

365 is an encrypted cloud storage solution. Your files are encrypted during travel (downloading / uploading) and while at rest (you’re not interacting with it).

Cloud Backup

Your files are stored in the cloud*, file safety and integrity is not reliant on your computer’s health. If your computer is subjected to water damage, fall damage, etc., your files are safe if they’re backed up to a cloud.
Your computer should never hold a sole copy of any data.

*For an in-depth explanation of the cloud, please section at the bottom of this guide.

Encryption

You can compare an encrypted file to a secret message you are sending to a friend. Beforehand, you both decided on a cypher that you will use to scramble your messages. Now, when you are finished writing your secret message to your friend, you scramble all the letters using the cypher. When they receive the letter, they use that same cypher to unscramble, or decrypt, the message. If anyone were to intercept the letter, they would have no idea what it says.

When uploading / downloading files, a 2048-bit encryption key is used. This means there are 2²⁰⁴⁸ possible combinations to decrypt your data. This would take a conventional computer 300 trillion years to unscramble without the cypher.

Version History

On the other side of this coin, what if a user makes a mistake on a file? OneDrive and SharePoint keep versions of each file. This is called Version History. Every time someone opens a file (for example), an invisible copy of the file is saved. If needed, you can restore the file to this invisible copy. Let's say the coworker opens the file and believes you want them to delete an entire column in Excel. They delete the column and then save the file. Next week you discover the mistake, however you do not worry because you know that you can go back into the file’s history (versions) and restore the file to a previous point in time. To learn more about version history and when versions (restore points) are captured, view the guide below when you are done reading this page.

A “version” is trigged:

• When a file is first created or uploaded

• When the properties of a file are changed

• When an Office document is opened

• Periodically when editing and saving Office documents; not each individual edit or save will create new versions, especially when many occur in a short period of time

• When a new user opens the document

Version history works with all file types, including Microsoft365 files, PDFs, and images. Version history is also available for Sharepoint, including calendars and lists.

Restore

Similar to Version History, users can restore their entire OneDrive or SharePoint to a previous point in time. Visit this guide to learn more: https://uconn.atlassian.net/wiki/spaces/IKB/pages/26375422051 or https://uconn.atlassian.net/wiki/spaces/IKB/pages/26635337780

Continued reading on Microsoft 365 data security

In the case of Microsoft 365 OneDrive and SharePoint, “the cloud” is comprised of many computers working together to form a file repository. These computers contain redundancies within themselves: if a hard drive fails, it is replaced by a new drive. When a computer finds a new hard drive, it looks at the other hard drives and performs calculations to figure out what data was on the failed hard drive and automatically reconstructs the data. This setup is named RAID (Redundant Array of Independent Disks). In the enterprise world, RAID arrays can suffer multiple disk failures without losing data.

The RAIDs described above receive instructions from “controllers”. These are the brains of the whole operation. The controllers themselves operate in redundancies. If one of the brains go offline, there are other brains already up and running to take their place.

The controllers and arrays above make up what is known as a “data center”. Computers, and sometimes the entirety of the data center, are duplicated to secondary data centers to add geographic redundancy. This can be repeated to create a network across the country.

Related Guides