M365 OneDrive - Restricted "Sync" for Personal Devices

Audience

Public

Question

Why was the Sync function turned off for my M365 OneDrive?

Answer

Cybersecurity recommended not to sync personal devices with M365 OneDrive.

We understand that the policy may cause some inconvenience moving forward but hope that the other provided alternatives are sufficient.

Additionally, we wanted to mention that the use of removable hard drives is highly discouraged as there are multiple other methods to achieve the desired results of file accessibility.

Utilizing your Citrix Workspace to save documents or work within the OneDrive application can still provide the same benefits as a domain joined device. Proper security settings have been applied to that workspace and is recommended for Central Piedmont business operations. Another option to ensure that your work is stored and up to date properly would be to utilize your browser to access OneDrive as well as online applications that will automatically save and update your work.

We strongly advise that clients use one of the alternative methods provided above to continue Central Piedmont business operations.

Below are 6 reasons as to why Cybersecurity recommended NOT to sync personal devices with M365 applications. 

  1. Data Leakage: Personal devices are not managed by the College and likely lack the same level of security controls making them more susceptible to malware infections, phishing attacks, or unauthorized access. If a personal device syncing with OneDrive is compromised, sensitive work-related data stored in the cloud may be at risk of exposure or theft. This issue could potentially be solved by managing personal devices; however, device owners may be resistant to the idea of the College managing their personal devices, and the College may not have the resources to support such an initiative. 
  2. Unauthorized Access: Personal devices may be used by multiple users or lack adequate protection which increases the risk of unauthorized access to work-related files stored on OneDrive. Without proper security protections, personal devices can be easily compromised, allowing unauthorized individuals to view, modify, or delete sensitive information. 
  3. Device Loss or Theft: If a personal device containing synced work files is lost or stolen, sensitive data stored on OneDrive may be accessed by unauthorized parties, potentially leading to data breaches or compliance violations. To protect College data, we would need to wipe the phone which means we would need to manage the device so, essentially, the owner of the device would not be managing it. 
  4. Compliance Risks: Syncing work-related data to personal devices can create compliance risks by potentially violating regulations or data protection laws, such as FERPA, GLBA, and HIPAA. Compliance laws require devices to have certain security standards and/or encryption which are not enforced by the College on personal devices; leading to non-compliance and legal consequences. 
  5. Data Residency and Jurisdiction: Syncing work-related data to personal devices may raise concerns regarding data residency and jurisdiction. Personal devices may be used in different locations or countries with varying data privacy laws and regulations, potentially exposing the College to legal complexities and challenges in ensuring compliance with local data protection requirements. 
  6. Intermingling of Personal and Work Data: Syncing personal devices with the College’s OneDrive can lead to the intermingling of personal and work-related data on the same device. This can create challenges in enforcing data segregation, access controls, and data retention policies, increasing the risk of accidental exposure or unauthorized access to sensitive work-related information. 

To mitigate these Cybersecurity concerns, Central Piedmont has and will continue implementing policies and controls to protect data used for Central Piedmont.  

If you have any further questions or concerns, please contact your respective VP to escalate your concerns.

Further Reading

Citrix Workspace

Logging Into Microsoft 365

100% helpful - 1 review