CloudMounter – the best OneDrive security guarantee

What is OneDrive? A cloud storage service, through which you can store all kinds of files. Thanks to this, you can create a document and edit it without the need to save it to a USB or send it to an email address for editing. CloudMounter is at the top of the industry in terms of adding extra security to your files, but let’s go through all the important aspects of this interesting concept.

Cloud management: key points and top tools
OneDrive security

How Secure Is OneDrive?

"Is Microsoft Onedrive secure?" is a common question among users. OneDrive has several security features such as "Virus scanning on download for known threats" where the Windows Defender anti-malware engine scans documents at download time for content matching an AV signature (updated hourly). Another one would be "Suspicious activity monitoring" that is meant to prevent unauthorized access to your account, OneDrive monitors for and blocks suspicious sign-in attempts.

Additionally, they will send you an email notification if they detect unusual activity, such as an attempt to sign in from a new device or location.

Is OneDrive Encrypted?

When it comes to how secure Microsoft OneDrive is, we surely know that it uses disk encryption using BitLocker Drive Encryption and file encryption to protect your data.

When it comes to encryption Onedrive takes each file and encrypts it with its own encryption key, whatever is more than 64 KB is divided into individual chunks and each of them has its own encryption key locked in a keystore. Each file fragment is then randomly distributed among Microsoft Azure Storage containers and a building map of the entire file is stored in a separate, secure content database. Those that were concerned about the question "are onedrive files encrypted?" can relax.

To gain access to the file, attackers would need the map, keys and all file fragments, a highly unlikely task to perform. Each file is encrypted at rest with a unique AES256 key. These unique keys are encrypted with a set of master keys that are stored in Azure Key Vault. Using a Microsoft 365 feature called Customer Key Service Encryption, you can upload your own encryption keys to Azure Key Vault to use encryption of data at rest in Azure data centers.

Although this encryption is done natively using BitLocker, customers may need to use their own key to meet their security compliance requirements. If users lose their key, they can recover a deleted key from the Recycle Bin for 90 days (depending on settings). However, in order to use this feature, you must create an Azure subscription and complete some prerequisites.

What are the most common OneDrive risks?

Data protection is still a big issue. The providers certainly do everything in their power to protect their servers from unauthorized third parties. When it comes to Onedrive security issues, as an entrepreneur, however, you should keep in mind that ultimately you will not be able to 100% prevent the transfer of your business data.

Be it because various hackers have cracked the access or because the providers are even forced to do so, such as by a secret service or another authority. The risk posed by hackers is probably higher. Hackers can try to gain access in their own interest or they have been hired to carry out targeted industrial espionage.

Another point of risk for the security of onedrive information is the location abroad. Most cloud providers have their headquarters abroad. Different data protection laws apply in other countries, so you cannot be sure what the actual risk is. Read the general terms and conditions and data protection regulations of the individual providers very carefully before you decide on a provider.

The Microsoft Onedrive encryption can also be extra-secured by data backup, i.e. a regular backup of the data, is your own responsibility. The providers protect themselves against data loss by clearly leaving the responsibility for it to the user. In such a case you can neither claim damages nor insist on the restoration of your data. If you're lucky, the provider has a backup that they can restore, but we wouldn't rely on that.

Encryption solutions to provide additional OneDrive protection

CloudMounter

Price: $44.99
Free version: Download
Mac App Store version: Available here

CloudMounter is probably the best solution for those who want to manage multiple cloud services with one program. This application makes it easy and simple to mount cloud services on your Mac as regular removable drives. The list of supported cloud services includes OneDrive, Google Drive, Amazon S3, Dropbox, OpenStack. Moreover, FTP, SFTP, FTPS and WebDAV servers can be mounted on Mac in exactly the same way as cloud services, i.e, as a network drive.

CloudMounter

For an extra layer of security, CloudMounter offers file encryption. Thus, you can store all your files in clouds without fear of leakage sensitive data to the network.

icon pros Pros:

  • You have access to all of your cloud storage accounts (OneDrive, Google Drive, or Dropbox) in one single platform.
  • All your files and folders that are onedrive encrypted and cloud-stored are unified right in your file manager.
  • Saves a lot of computer resources such as disk space and memory, as it is well optimized.

icon cons Cons:

  • Users have complained about CloudMounter may suffer from unreliability and instability sometimes. Most of the time it may be related to your internet provider and the quality of the connection.

Boxcryptor

Boxcryptor is an encryption program that is popular with a large audience. This application allows you to seamlessly sync your files with the most popular clouds (over 30 services are supported). In addition, there is support for EFSS and online backup providers. Unlike many free solutions, Boxcryptor has a simple and intuitive interface. With it, you can encrypt as many files as you need.

icon pros Pros:

  • It has a user-friendly interface. It can be fully tested with the trial feature, before deciding to buy the products, which is always nice.
  • It also provided a pretty high level of encryption security.

icon cons Cons.

  • Some users didn’t find the Android app very friendly, as it can get slow or even crash sometimes.

nCrypted Cloud

nCrypted Cloud is a good solution for those who want to protect corporate or personal data that is synced with such cloud services as Dropbox, Google Drive and SkyDrive. With encryption technology, nCrypted Cloud allows you to securely exchange data with anyone. At the same time you, as a content owner, have full control over who can access your data. The controls you set on your data are effective immediately.

icon pros Pros:

  • The main current services (Dropbox, Google Drive, OneDrive, Box and Egnyte) are compatible with this app.
  • You can set permissions to share files with other users that you decide.

icon cons Cons:

  • Users complained about the speed of encrypting a disk and that it is something that can definitely be improved.

Conclusion

All of the three choices from above are reliable solutions for encrypting your files, but if we had to choose only one, that would be CloudMounter. This software solution allows you to map Google Drive as a network drive, making it much easier to access Google Drive and manage data. You can manage and encrypt an account for free.

Frequently Asked Questions

Yes, you can. Actually we recommend you take the safest road and use two-factor verification. This helps protect your account by requiring you to enter an extra security code whenever you sign in on a device that isn’t trusted.

A very important detail to keep in mind is that OneDrive is a cloud storage management solution, not one that provides you OneDrive encryption solutions for backup management. This is a critical distinction that should not get out of hand. So all the data that is stored in OneDrive will be accessible whenever we need it, but it will not be protected at all.


Since you might be asking yourself how secure is OneDrive, as long as you save files in the folders that correspond to personal accounts and / or that are outside the "Shared with me" folder, only you will be able to see them, provided that you didn’t customize the privacy settings. Any documentation that contains personal, health, banking, financial and other data should not be present in this storage solution, unless it has additional encryption.

One of the common questions is „Is OneDrive secure?”. Now, the best thing that you can do when it comes to protection against hacking attempts is to subscribe to Microsoft 365 as you will get alerted if OneDrive detects a ransomware or malicious attack. You’ll be able to easily recover your ​files to a point in time before they were affected, up to 30 days after the attack. You can also restore your entire OneDrive up to 30 days after a malicious attack or other types of data loss, such as file corruption, or accidental deletes and edits.
Is OneDrive private? Well, it depends on how involved you are with the sharing settings. Other users can see your files only if you gave prior access to them, as several sharing options and shared access levels are available for you in the privacy settings:
  • Anyone – means that whoever has the link (whether from you or it has been forwarded by someone else) will have access to them. It includes people from outside your organization.
  • People from - gives access to the link to anyone in your organization, whether they received it directly from you or forwarded it to someone else.
  • Users with existing access - can be used with users who already have access to the document or folder. It does not change the permissions of the item. Use this option if you want to send a link to someone who already has access.
  • Certain people – let’s you specify certain users that can access your files. If someone forwards the sharing invitation, only those who already have access to the item will be able to use the link. Note: If a sharing option has been disabled, the organization administrators may have restricted it. For example, they can choose to disable the Anyone option to prevent links from being sent to other people. There are also different levels of permission:
    • Can view - allows the recipient to view only the file or folder; they cannot make changes to it. This can be further restricted by selecting the Block download option , which means that a local copy cannot be saved.
    • Can edit - allows the recipient to make changes to the file or folder.
OneDrive and Office 365 maintain a “zero-standing access” Microsoft onedrive security policy, which means that engineers do not have access to the service unless it is explicitly granted in response to a specific incident that requires elevation of access. To do this, OneDrive and Office 365 maintain strict separation between “elevation roles,” with each role only allowing certain predefined actions to be taken. Taken together, these investments in access control greatly reduce the likelihood that an engineer in OneDrive or Office 365 inappropriately accessed customer data.

The problem with cloud file accounts is that if a hacker gets the username and password, they have access to everything. Recently, OneDrive introduced a feature - called Personal Vault - that helps you protect against this problem.


Directly related to OneDrive privacy settings, this feature adds an extra layer of authentication for sensitive files, such as a fingerprint or face scan, a PIN, a code from your authentication application, or an authentication code sent via email or SMS. Personal Vault doesn't seem to support security keys yet - although you can use a Yubikey to obtain authentication codes. Once you open your Personal Vault, it will remain open until Microsoft detects twenty minutes of inactivity with your files.


We wouldn't recommend this feature as a substitute for documents that should be protected with E2EE, but it's a nice addition. However, if everything you do revolves around Gmail, Docs, and Sheets, then Google Drive is the best option. Google Drive is also the best for those who are purely interested in getting as much storage as possible at the best price.

Top choice

CloudMounter

  • Rank 5 based on 58+ users, Write a review
  • Requirements: Mac (Mac OS X) macOS 10.12 43.28MB free space.
  • Version 3.7.637. (). Release notes
  • Category: System Utilities