Known folder redirection to OneDrive: What you should know
How much safer does it make your endpoint?
Microsoft recently announced a useful feature for OneDrive enterprise users. Administrators can now use Group Policy Objects to prompt users to redirect known Windows folders, such as Desktop, Documents, Pictures, Screenshots, and Camera Roll to OneDrive.
Such redirection was possible earlier as well, but by making it available via easy-to-use AD GPO, Microsoft has made life much easier for administrators.
Why is this good news? Because OneDrive for Business is inherently a sync client focused on ensuring that the contents of one folder on your endpoint (namely the OneDrive folder) are synchronized with their cloud repository.
But useful as this may be, end users tend to store their valuable data in several other places besides the OneDrive folder — and unless users were disciplined enough to place copies in OneDrive, much of this data wasn’t getting synchronized to the cloud. The automatic redirection means users can continue using the folders they normally used, while the automatic redirection ensures that they get a copy in OneDrive.
Does this ensure that users have ready access to more of their endpoint data from alternate devices and mobile devices? Absolutely yes!
Does it ensure that their endpoint data is now safer because it is “backed up” in OneDrive? Well, not entirely.
Let me explain.
Is Sync really Backup?
A sync solution is designed to ensure that data is replicated to a central repository as quickly as changes are made to it at the source. And this same data is in turn replicated immediately to other devices the user (or his/her collaborators) may be using. Sync is a productivity enhancer
A backup is designed to keep a copy of your data safe. While on the surface, both sync and backup make secondary copies of your data — they are very different in how they operate and how they are used by customers.
To illustrate, imagine that an unfavorable change occurs on an endpoint; something like a malware attack or ransomware. In such a case, the damage caused to the data on the endpoint is immediately replicated by the sync software to the cloud repository, which in turns transmits that damage to alternate devices the end user owns (or worse his/her collaborators as well). It is true that OneDrive preserves older versions of files even if the latest copies are infected/deleted by Ransomware. But recovery is painful and involves hours of laborious work, including going through each file in the OneDrive console to view and retrieve previous versions. Backup software, however, is designed to restore data back from a previous “safe” point in time and you can choose to bring back an entire folder, drive or system in a single, hassle-free step.
Why you need an Industrial Strength Backup Solution
OneDrive can substitute as a “backup” in cases of an occasional data loss, and may serve as an adequate backup solution for a small business, but if you are an organization with more than a 100 employees, you should consider getting an industrial strength endpoint backup solution. Here are a few reasons why:
You will need to backup more than just the Windows known folders
You will want to backup more than Desktop, Documents, etc. You will have employees who have D and E drives on their endpoints, or you may need to backup entire systems for regulatory compliances.
You will want to backup files that are in use
You will need to back up files that are in use. You will most likely have users who still use PSTs which are locked and in use by Outlook all the time.
You will need to backup files with special characters in their file names
A good backup solution should be capable of backing up everything that it is demanded of it. Users may be tolerant of a sync solution that may not be able to back up files because certain special characters aren’t supported in file names. But with a backup, it isn’t acceptable to ask that users rename their files simply because they can’t be protected otherwise.
You will want to ensure that users don’t tamper with and delete their backups!
Your organization could have needs to retain user backups for a period of time to satisfy internal policy or for regulatory compliance. Using a sync tool as a backup means that users are free to delete their data at any time, and essentially get rid of their backup if they choose to. That could run you afoul of compliance requirements.
You will want centralized management, control and reporting
You will need to ensure that all user systems have been backed up. If not every day, you’ll at least need to ensure that each of them successfully backed up over the last 3 days or over the last week. Having centralized reporting allows you to be assured that user data is protected at all times. You may also want to have different backup policies for different users (different folders, different file types, different schedules, etc.)
What it all means
Microsoft’s recent moves to help auto-redirect known folders to OneDrive is a welcome change. But users shouldn’t mistakenly think they have a reliable endpoint backup solution as a result. Reliable endpoint data protection still requires a solution that is designed to do Backups. At Parablu, we have not only built such a backup solution, we have even designed it such that it can use OneDrive storage as a repository. And it doesn’t stop your users from using their regular OneDrive client. So you can have the best of both worlds — use your OneDrive storage allocation, while still not compromising on the integrity of your backups. Watch this video to get more information on this.
