August 5, 2015

OneDrive Adds Governance Controls

3 minute read

In a recent article on the Office Blog, new IT management controls were introduced for OneDrive for Business. While the author, Reuben Krippner, called these management controls, it was evident that these are mostly governance capabilities being added to their business based cloud file storage. Thank you Reuben and glad to hear Microsoft is taking Information Governance seriously.

A few weeks ago I wrote about the 5 things you may not know about OneDrive for Business, discussing about it really being SharePoint behind the scenes, which brings along some governance as well. This post on the office blog highlights, however, a few new helpful items for those of us trying to deliver governance to our user base around Office 365.

Syncing only to domain PCs

Administrators can lock down file syncing to only work on (your organization’s) domain-joined PCs. While the negative of this feature is that Mac devices would no longer be able to sync, it seems that it’s worth the trade off to at least have this option.


This is huge! Administrators now have the ability to audit everything that happens to files in OneDrive (for Business). At RecordLion, we’re very excited about this capability. Being able to see who attempted to sync or who viewed files is critical because our system inherits the audit trails from the systems we manage, meaning that we can now add these items into the overall audit trail for documents, giving us the cradle to grave experience compliance teams have been asking for.

Device Management

In the article this feature is focused towards which mobile devices can connect to OneDrive for Business. However, using Mobile Device Management (MDM) in Office 365, not only can you force devices to enroll before allowing a connection, you can also help ensure the safety of your information in two other ways.

Security Policies

Prevent unauthorized users form accessing corporate email and data when a device is lost or stolen.

Selective Wipe

Remove Office 365 company data from an employee’s device while leaving their personal data in place.

Disable Default Sharing

One of the complaints we’ve heard from our customers about Microsoft Delve is that it makes it way too easy to find information on an employee’s OneDrive. The main reason for this was because by default, new users get a “Shared with everyone” folder in OneDrive for Business. Too many users were using OneDrive for their My Documents location and these documents were ending up in the shared folder allowing the entire organization to see what they were working on. Not always a good thing.

There is now a setting that can be switched off that removes the automatic creation of the “Shared with everyone” folder.

Complete Information Governance

Our tag line here at RecordLion is Complete Information Governance and we’re very excited when the repositories that we connect to add this level of control and enable us to deliver on our promise. For OneDrive for business there are more features than I listed here and I encourage you to take a look at the original article here.

Receive News Updates As Soon As They Happen