With cloud storage being used more and more often for personal and business purposes, it’s normal to wonder how secure your files are in programs like One Drive and SharePoint Online. While it is possible for a hacker to access such secured cloud storage, it is highly unlikely to occur. Both One Drive and SharePoint Online have multiple layers of security, so there are no one-shot means to sneak into storage. Such an effort would be more on the scale of a Mission Impossible scene.
Office 365 has five different layers of security: access security, application security, data security, physical data center security, and network security. These layers make it virtually impenetrable. SharePoint Online is set up in a similar manner, but what really makes these cloud storage solutions uber-safe is the extremely limited ways for data to go in and out, and that data is encrypted whenever it is vulnerable. There are only two ways a file can enter or exit these programs: when the client communicates with the server and when a file moves between data centers. At both times, the information in a file is encoded, so it wouldn’t make any sense even if someone managed to intercept a file in transit.
That doesn’t mean there aren’t security measures in place when your sensitive files are sitting in storage. even when not in transit, a file is encrypted. Two types of encryption for stored files exist in both Office 365 and SharePoint Online: BitLocker disk-level encryption and per-file encryption. BitLocker is a blanket-style encryption which encrypts everything on the disk. Per-file encryption creates individual encryption keys for every file and each update to files, then puts the keys in code and stores them in a totally different location than the files themselves.
So, in order for someone to access stored files in either One Drive or SharePoint Online without the proper login credentials, there would need to be a lot of legwork. A hacker would not only have to access each update to a file and decode them, but also locate the proper keys, crack their codes, and then piece all of the little pieces together in a way that makes sense.