Now that DB doesn't support their encryption app the op is asking for what may work with OneDrive. The CEO was already doing this successfully with DropBox. It may be that a cloud-based solution simply isn't the right solution for him. You need to find out why your CEO believes he needs to encrypt his files on OneDrive. I've run into CEOs and other executives who thought they were tech savvy but when pushed admitted they had no real basis for their belief in how much they really know about technology.
the computer is BitLocker encrypted and that has nothing to do with the question.īased on your original post I really doubt just how tech savvy your CEO is. If they were they wouldn't be using OneDrive and instead keeping everything local, using BitLocker with a passphrase and not integrated into the system BIOS. I'm not sure this CEO is privacy or tech savvy. Be careful to not to get distracted and miss proper security baselines.Īlso - where did you find a privacy/tech savvy CEO. These practices are good for any business, not just OneDrive.Īdding a completely different vendor's encryption on top of Microsoft's encryption might limit the amount of time and effort you and the CEO has to implement proper security controls, as I mentioned.
#VIEW FILES ONLINE BOXCRYPTOR PASSWORD#
Personally, for me, I would be more concerned about ensuring the proper controls are implemented and enforced, such as Conditional Access, Least Privileged Access, Strong Password Policy, and MFA. It can then be encrypted at rest on the PC, by using BitLocker.
OneDrive as supplied through a M365 Business Account is already encrypted in transit and encrypted at rest (in Microsoft data center). OneDrive Encryption is certified: FIPS 140-2 compliance, 256-bit AES Encryption at rest, TLS encrypted with 2048-bit keys. Seeing that encryption is audited and compliant is important to any security professional.
#VIEW FILES ONLINE BOXCRYPTOR OFFLINE#
Place the files in VeraCrypt, setup a nightly (or whatever frequency you desire) backup, and keep a periodic offline copy of the data (to protect against ransomware), and call it a day. Maybe a better solution would be local storage with a robust backup strategy. The 3rd party will always have a copy of your data, and any vulnerability found in the technology that you are using to protect that data might later be exploited to review the contents. If someone is truly concerned about privacy, storing files onto a 3rd party cloud provider is likely not the best move. Perhaps the best solution would be to have the CEO purchase a subscription with DropBox, and use that instead? It sounds like the familiar technologies are already being incorporated based on your description, so why change away from something that worked well? I also know, that in the past, OneDrive did not support block-level sync (it was file-level sync), and so drop-box would sync a changed encrypted file (because the block-level data would change), but OneDrive would not (because the file metadata did not change). The problem would be, that while the VeraCrypt file is mounted, it cannot sync. I've used VeraCrypt quite a lot, but not inside of OneDrive.
0 kommentar(er)
