OneDrive for Business is a Microsoft cloud based storage solution that is a part of Office365. The data is stored off-campus in a non-university owned data center. The University of Iowa has an agreement with Microsoft that protects data in the following manner, making it safe for sensitive data:
- The University has a signed Business Associate's Agreement (BAA) with Microsoft to reasonably safeguard personal data against inappropriate use and or disclosure.
- There is system wide auditing turned on OneDrive for Business which allows administrators to audit activity.
- Files are encrypted both at rest (in OneDrive storage) and in transit (between your workstation and the cloud).
If you wish to share sensitive data with someone, please share "with specific people" which will add a validation code for outside people and not allow the link to be shared with anyone else.
If you want to add one more level of security, such as when sharing a file with someone outside of the University, you may zip the file up and add a password. Then share the file, and send the zip password in a separate email.
Contact your IT support person or the ITS Help Desk for further information.