OneDrive原生集成到Windows中,只有数据经过加密和安全才有意义。虽然加密(Encryption)可确保在设备丢失时无法访问文件,但安全(Security)性提供帐户级别的保护,这使得帐户所有者难以破解并轻松恢复。在这篇文章中,我们将探讨加密和保护OneDrive文件的方法。
这篇文章中讨论的主题:
- 加密 OneDrive 文件
- 在您的移动设备上启用加密
- Microsoft 365 高级保护
- 保护个人保管库中的文件
- 受密码保护的链接
- 勒索软件检测和恢复
- (Data Encryption)OneDrive for Business中的数据加密
- 加密 OneDrive 文件以确保安全
- 保护 OneDrive 帐户
- 创建一个强密码
- 使用两因素验证
- 将(Add)安全信息添加到您的Microsoft帐户
如何加密 OneDrive 文件
有两种加密 OneDrive文件(Files)的方法。一是(Frist)可以通过手机完成的原生方法,二是使用Microsoft 365 高级保护(Advanced Protection)。
1]在您的移动设备上启用加密
iOS 和Android都提供设备加密。如果您在设置中搜索它,您应该能够找到它。完成后,只能通过指纹、PIN或图案(Pattern)打开手机。
2] Microsoft 365 高级保护(Advanced Protection)
1]保护个人保管库中的文件
个人保管库是 OneDrive(Personal Vault is a secure area in OneDrive)中受密码保护的安全区域。它可用于保护您在此处添加的任何文件。该功能最好的部分是如果一段时间不使用它会自动锁定。您还可以在 Personal Vault 中添加无限数量的文件。(unlimited number of files in Personal Vault.)我建议如果您有太多敏感数据,请始终使用此功能。
2]受密码保护的链接
使用链接收听文件的最大问题之一是可以访问任何拥有链接的人。如果您无法将帐户添加到要共享的文件,则共享文件的正确方法是使用密码。该选项在链接(Link)设置下可用,您还可以在其中添加共享文件的到期日期。这两种方法都是共享文件的正确方法。
3] 勒索软件检测和恢复
如果您的 PC 感染了包括OneDrive上的文件,Microsoft Office 365 会通知您。一旦确认文件被感染,它将确保可以恢复云上的文件。由于OneDrive提供版本控制,因此可以轻松恢复文件。但是,请确保 PC 上不再提供恶意软件或勒索软件。
4 ] OneDrive for Business和Sharepoint中的数据加密(] Data Encryption)
在这里,您可以获得两个额外的安全性——数据安全的传输中和静态加密方面。静止时,该帐户将获得BitLocker磁盘级加密和客户内容的每个文件加密。前者锁定驱动器,后者为每个文件添加唯一的加密密钥。
由于文件存储在云中,无论它在哪里,任何重建文件,当请求的进程必须经过三个物理存储组件——blob 存储、内容数据库(Content Database)和密钥存储(Key Store)时,都无关紧要。有了这三个,数据将毫无用处。在此处阅读更多相关信息。(Read more about it here.)
阅读(Read):保护 OneDrive 帐户的提示(Tips to secure a OneDrive account)。
5]加密OneDrive(Encrypting OneDrive)文件以确保安全
有许多第三方程序可用于加密整个硬盘驱动器或基于文件到文件。Windows Club列出了一些最好的免费文件加密软件(best free file encryption software)。您可以使用这些程序加密本地计算机上的整个OneDrive文件夹,以便在上传它们时对其进行加密——或者您可以仅加密包含敏感信息的文件夹。您也可以使用Windows默认 的BitLocker 或NTFS加密来加密文件。
2]如何保护OneDrive帐户
有三种方法可以保护OneDrive 帐户(OneDrive Account)。它将确保帐户难以被黑客入侵,并且通过额外的信息,如果出现违规行为,您可以恢复。
1]创建一个强密码
不用说,不仅仅是 OneDrive 帐户,任何帐户都应该有一个强密码。浏览器中有强大的密码生成(strong password generators)器,您可以将其用于您的帐户。
2]启用双因素验证
与强密码类似,启用双重身份验证(enabling two-factor authentication)也很重要。每次登录时,您都必须使用由Microsoft Authenticator和Google Authenticator等安全应用程序生成的代码对其进行身份验证。
3]将(Add)安全信息添加到您的Microsoft帐户
确保(Make)您在帐户中包含足够的信息,包括辅助邮箱 ID 和电话号码。如果帐户被黑客入侵或忘记密码,这将帮助您找回帐户。
OneDrive Personal和OneDrive for Business都为文件和帐户提供安全功能。重要的是,我们还启用了必须由最终用户启用的某些功能,例如 2FA、Personal Vault等。使用OneDrive for business 的用户已经拥有一个安全的环境,但要确保 PC 和帐户受到保护。
这篇文章已于2021 年 7 月(July 2021)更新。
How to encrypt and secure OneDrive files?
OneDrive is natively intеgrated into Windows, and it only makes sense the datа іs encrypted and secure. While Encryption makеs sure the files are not accessible if the device is lost, Seсurіty offers accoυnt-level protection, which makes breach difficult and recovery easy for the owner of the account. In this post, we look at thе ways to encrypt and secure OneDrive Files.
Topics discussed in this post:
- Encrypt OneDrive Files
- Enable encryption on your mobile devices
- Microsoft 365 Advanced Protection
- Protect files in Personal Vault
- Password-protected links
- Ransomware detection & recovery
- Data Encryption in OneDrive for Business
- Encrypting OneDrive files for security
- Secure OneDrive Account
- Create a strong password
- Use two-factor verification
- Add security info to your Microsoft account
How to Encrypt OneDrive Files
There are two ways to encrypt OneDrive Files. Frist is the native method that can be done through the phone, and the second is to use the Microsoft 365 Advanced Protection.
1] Enable encryption on your mobile devices
Both iOS and Android offer device encryption. If you search it in your settings, you should be able to find it. Once done, the phone can be opened only through the fingerprint, PIN, or Pattern.
2] Microsoft 365 Advanced Protection
1] Protect files in Personal Vault
Personal Vault is a secure area in OneDrive which is password protected. It can be used to safeguard any file which you add here. The best part of this feature is that it will automatically lock if it is not used for a period of time. You can also add an unlimited number of files in Personal Vault. I would suggest that if you have too much sensitive data, always use this feature.
2] Password-protected links
One of the biggest issues with hearing files using a link is that anybody with a link can be accessed. If you cannot add an account to the file you want to share, the right way to share a file will be using a password. The option is available under Link settings, where you can also add the expiry date for the shared file. Both of these methods are the right way to share files.
3] Ransomware detection & recovery
If your PC gets infected file include those on OneDrive, Microsoft office 365 will notify you about it. It will make sure the files on the cloud can be recovered once you confirm that the files are infected. Since OneDrive offers versioning, it is possible to restore the files easily. However, make sure that the malware or ransomware is not available anymore on the PC.
4] Data Encryption in OneDrive for Business & Sharepoint
Here you get two additional security—in-transit and at-rest encryption side of data security. When at rest, the account gets BitLocker disk-level encryption and per-file encryption of customer content. While the former locks the drive, the latter adds a unique encryption key to each file.
Since the files are stored in the cloud, it doesn’t matter where it is, any reconstruction file, when the requested process has to go through three physical storage components—the blob store, the Content Database, and the Key Store. With all three, the data will be useless. Read more about it here.
Read: Tips to secure a OneDrive account.
5] Encrypting OneDrive files for security
There are many third-party programs available to encrypt entire hard drives or on a file-to-file basis. The Windows Club has a list of some of the best free file encryption software. You can use these programs to encrypt the entire OneDrive folders on your local computer so that when they are uploaded, they are encrypted – or you can encrypt only the ones containing sensitive information. You may also use Windows default BitLocker or NTFS encryption to encrypt the files.
2] How to Secure OneDrive Account
There are three ways to secure OneDrive Account. It will make sure the account is difficult to hack, and with additional information, you can recover if there is a breach.
1] Create a strong password
It goes without saying that not just a OneDrive account, but any account should have a strong password. There are strong password generators within the browser that you can use with your account.
2] Enable two-factor verification
Similar to a strong password, it is important to enabling two-factor authentication. Every time you log in, you will have to authenticate it using a code generated by secure apps such as Microsoft Authenticator and Google Authenticator.
3] Add security info to your Microsoft account
Make sure you have included enough information in your account, including recovery email id and phone number. This will help you get back the account if it is hacked or forgotten the password.
OneDrive Personal and OneDrive for Business both offer security features to files and accounts. It is important that we also enable certain features that have to be enabled by the end-user, such as 2FA, Personal Vault, and more. Those using OneDrive for business already have a secure environment but make sure the PC and account are protected.
This post has been updated in July 2021.