Is OneDrive Safe? Microsoft’s Security, Privacy, and Encryption
OneDrive is the most popular cloud storage for Windows due to its easy integration in the Microsoft ecosystem.
However, like most big tech companies from the US, there are concerns about how these companies use, secure, and keep your data private, leading many to wonder is OneDrive safe if you want to store photos, documents, or videos in privacy.
Within this article, we will analyze the following topics, and cover how Internxt is the best alternative to OneDrive if you value the privacy of your files, and want to live a more private life online.
- Is OneDrive safe?
- OneDrive features and pricing
- OneDrive privacy concerns
- Alternative to OneDrive
Table of contents
- OneDrive features
- Is OneDrive safe for your files?
- Problems with OneDrive
- Is OneDrive safe for your personal information?
- Internxt vs Onedrive
- Related articles
OneDrive features
OneDrive offers 5GB of free cloud storage, as it is owned by Microsoft, it mostly focuses on Windows users, but it is also available for mobile, Mac, and Linux, although you may have to use third-party clients to sync files on Linux systems.
Aside from cloud storage, OneDrive also offers the following features.
OneDrive storage and pricing
| Plan | Price (approx) | Users | OneDrive Storage |
|---|---|---|---|
| Free Microsoft Account | €0 | 1 | 5 GB |
| Microsoft 365 Basic | ~€2/month | 1 | 100 GB |
| Microsoft 365 Personal | ~€10/month or ~€99/year | 1 | 1 TB |
| Microsoft 365 Family | ~€13/month or ~€129/year | Up to 6 | Up to 6 TB (1 TB each) |
| Microsoft 365 Premium | ~€19.99/month | Up to 6 | Up to 6 TB (1 TB each) |
Microsoft Outlook, Teams, AI, and security
| Plan | Outlook Email | Office Apps | Teams | AI (Copilot) Features | Encryption / Security Features |
|---|---|---|---|---|---|
| Free Microsoft Account | Outlook.com basic | Web/mobile only | Free Teams basic | Limited / none | TLS + basic encryption at rest |
| Microsoft 365 Basic | Outlook.com ad-free + security | Web & mobile Office apps | Included | None (no Copilot) | Encryption in transit & at rest |
| Microsoft 365 Personal | Outlook with premium features | Desktop, web & mobile | Included | Copilot integration | Encryption in transit & at rest |
| Microsoft 365 Family | Outlook per user | Desktop, web & mobile | Included | Copilot integration | Encryption in transit & at rest |
| Microsoft 365 Premium | Outlook with advanced security | Desktop, web & mobile | Included | Advanced Copilot features | Encryption + Defender + device security |
Is OneDrive safe for your files?
Yes, OneDrive is safe for your files as it uses strong encryption, secure data centers, and advanced security features to protect your data from unauthorized access, loss, or cyber threats.
Here are the main security features of OneDrive
- Encryption in transit and at rest: Files are encrypted while being uploaded/downloaded (SSL/TLS) and also when stored on Microsoft’s servers, but OneDrive does not use zero-knowledge encryption.
- Secure data centers: Microsoft operates highly secure, globally distributed data centers with physical security, monitoring, and strict access controls.
- Two-Factor Authentication (2FA): You can add an extra verification step to prevent unauthorized logins with 2FA, biometrics, or a passkey.
- Ransomware detection and file recovery: OneDrive can detect suspicious activity and allows you to restore previous file versions.
- Compliance standards: OneDrive meets security and privacy certifications used by businesses and governments worldwide such as ISO/IEC 27001, ISO/IEC 27017, ISO/IEC 27018, SOC 1 and SOC 2, GDPR, HIPAA, and FedRAMP.
- Personal Vault feature: An extra-protected folder that requires additional identity verification. It does not have zero-knowledge encryption, such as Koofr, but it uses multi-factor authentication, automatic lock after inactivity, and additional identity verification to protect your files.
So while OneDrive is secure, it has major difference when it comes to the privacy of your files and how it handles your data which we take a look at in more detail below.
Problems with OneDrive
When considering is OneDrive safe for your files, we have to look past the security features, and dig deeper into the privacy, encryption, and how OneDrive handles your personal data, and the potential risks these carry.
Encryption
Like Google Drive, Dropbox, and many other cloud companies, OneDrive uses end-to-end encryption, which is a secure method to secure your files, but it is not the most private method to ensure your files can only be viewed by you, or those you share them with.
This is because OneDrive handles the encryption process, and manages the keys on their servers, which could give Microsoft or government employees access to your files.
To ensure only you can see the files you store with cloud companies, the best option is to use cloud storage with zero-knowledge encryption, such as Internxt Drive.
File scanning and monitoring
Microsoft uses automated systems to scan file contents to detect malware, viruses, phishing links, spam, abuse, and policy violations. This scanning happens as part of security protection and enforcement of their terms but can still give Microsoft access to your private data.
Microsoft also monitors usage activity and file behavior to detect suspicious access, account compromise, or unauthorized sharing. If Microsoft suspect suspicious activity, they can delete your files and accounts.
Data location jurisdiction
Because Microsoft controls infrastructure and data placement decisions, standard OneDrive have limited control over where data resides, typically this can be in the US, which has different privacy laws depending on the state, or in Europe.
Depending on where your data resides, your files are subject to the laws and government access rules which could give them access to your personal information or they could sell your data to third parties.
Is OneDrive safe for your personal information?
Not everyone has the time to read through the terms and conditions of all the subscriptions and services we sign up for.
For Microsoft, we have taken the most relevant parts of Microsoft’s privacy policy related to how your personal data is used when you sign up for Microsoft’s services.
What data does Microsoft collect?
First, Microsoft collects your personal information, as stated in its privacy policy:
“[...] you provide some of this data directly, and we get some of it by collecting data about your interactions, use, and experiences with our products. The data we collect depends on the context of your interactions with Microsoft and the choices you make…”
What this means: Microsoft collects content you upload, metadata about your activity, and usage patterns.
The risks: With this data, Microsoft can create a detailed profile tied to your identity, and you lose control of your online privacy, as Microsoft can use this data for targeted ads.
How to prevent this: You can use zero-knowledge encrypted cloud services, or you can use other free tools for extra privacy to protect your data, such as Internxt’s Metadata remover to prevent Microsoft from collecting this data from your files.
How Microsoft uses your data
When using Microsoft, it also collects the following data when you use its service:
“Activity data. Data about how you use our products and services, such as the features you use, the items you purchase, and the websites you visit.”
“Device data. Data about your device, such as IP address, device type, operating system, browser information, and device identifiers.”
“Location data. Data about your device’s location, which can be precise or imprecise depending on settings.”
How this data can be used: this data can be used to track your location, so it can reveal where you live, work, and where you often visit.
The risks: If this data is exposed through a breach or legal request, someone could learn where you live, what devices you use, and use this information for more advanced cyberattacks, such as AI phishing or installing malware on your device.
How your content is used
For the content of your files, this data can also be used and scanned by Microsoft across its different products
“[...] such as Outlook.com or OneDrive, systematically scan content in an automated manner to identify suspected spam, viruses, and malware”.
Although Microsoft scans these files and their contents for what could be perceived as your own benefit, if you truly value the privacy of your files, then this can give Microsoft access to your content that you don’t want to be scanned.
How this data can be used: Scanned files and data can also be processed to provide services, improve features, troubleshoot issues, and support security monitoring across products.
The risks: Your files are not completely private from the provider which could expose your sensitive information, photos, and contents to Microsoft without your knowledge.
Who can access your data?
As OneDrive does not use zero-knowledge encryption, they hold the encryption keys to your data, and therefore Microsoft employees could theoretically decrypt and access your files at anytime.
Outside of this, as Microsoft is based in the USA, they write the following:
“If Microsoft receives a warrant from a law enforcement agency for access to data stored on OneDrive, they will comply with the legal requirements…”
How this data can be used: If governments or OneDrive can access your files, they can delete accounts, files, or take other legal action.
The risks: data exposure, loss, data breaches, or legal consequences.
Internxt vs Onedrive
Internxt is a European alternative to OneDrive that uses post-quantum and zero-knowledge encryption for all files. It is also fully open source, and is available on all platforms, including Linix, with WebDAV and native rclone support also available with Ultimate plans.
Internxt’s mission for privacy and zero-knowledge policies make it different from OneDrive, Google Drive, iCloud, and others, as nobody, not even Internxt or law enforcement agencies can view your files.
This encryption extends to all of Internxt’s product suite, which also include:
- Encrypted backups
- File versioning
- 2FA
- Antivirus
- Cleaner
- VPN
- Meet
Internxt offers annual and lifetime plans of up to 5TB with all the features of Internxt included. Essential and Premium plans are also available, which you can learn more about from our website or check out the features of these below.
| Plan | Storage | Features | Annual Cost | Lifetime Cost |
|---|---|---|---|---|
| Essential | 1TB |
|
€18 | €285 |
| Premium | 3TB |
|
€36 | €435 |
| Ultimate | 5TB |
|
€54 | €585 |
If you need more storage, Internxt also partners with StackSocial to offer 100TB of lifetime cloud storage, but this does not include the extra features listed on our website.
You can upgrade your lifetime plan if you want more storage with these features included.
It also offers family and business plans, and complies with multiple security regulations such as GDPR, ISO 27001, SOC 2, and HIPPA, so your data is protected with the best encryption and security regardless of whether you use cloud storage for personal or enterprise use.
To get started with Internxt, and to learn more about how Internxt compares to OneDrive, you can learn more from our website, and get a huge discount of 87% off all plans.
Related articles
Is Google Drive safe?
https://blog.internxt.com/onedrive-vs-icloud/
https://blog.internxt.com/onedrive-vs-google-drive/