Skip to main content

Microsoft’s OneDrive now has your back in a ransomware attack

Imagine logging into your computer in preparation for an important day of work, and you’re greeted with a notice that none of your files are accessible. They’re there, only locked away in strong encryption unless you pay some faraway stranger real money for the key needed decrypt them. That’s ransomware, and Microsoft is building anti-ransomware functionality into its OneDrive cloud storage solution that can help mitigate the damage.

The news comes via Microsoft’s Office blog, and it refers to a pair of features that were first introduced for OneDrive for Business and that the company is now pushing to anyone who’s signed up for an Office 365 Home or Personal subscription. The features work together to help users recover their files in the event of a ransomware attack.

First, there is ransomware detection and recovery. This feature monitors OneDrive looking for signs of a ransomware attack and then inform the user via email, mobile, or desktop notifications. Then, users are guided through a recovery process using the second feature, Files Restore.

Files Restore is a feature that allows users to restore an entire OneDrive repository to a time prior to a ransomware attack, up to 30 days before. The feature can be used to recover from a number of catastrophic events in addition to ransomware, including accidental mass deletions, file corruption, or other incidents. That means that no matter the cause, users can recover all of their OneDrive files and return to a workable state relatively quickly and easily.

Office 365 Home and Personal subscriptions both come with 1TB of storage for up to five user accounts with the Home version and a single user with the Personal version. That is likely plenty of storage for many people, at least when it comes to the most important documents, photos, and videos.

Storing these files on OneDrive can therefore be a viable disaster recovery tool. While it may not replace the need to perform regular backups, it’s easier than creating a process to keep those backups completely disconnected from a PC. After all, any files that are accessible from a PC can theoretically be included in a ransomware attack, and so merely creating a backup file to an attached drive or network attached storage (NAS) device isn’t sufficient protection.

Microsoft is also rolling out additional protections, including email encryption in, the ability to password-protect OneDrive sharing links, and forwarding restrictions on email messages. Also, links in Word, Excel, and PowerPoint documents will receive real-time checks for sites containing malware, with a redirection to a warning page prior to downloading.

Users can look for the Files Restore, encryption, and ransomware protection features over the next several weeks. The other features will roll out sometime in the near future.

Editors' Recommendations