News
        
        Microsoft Adds 'Personal Vault' Security for Consumer OneDrive Storage
        
        
        
			- By Kurt Mackie
- October 04, 2019
Microsoft announced  last week that its OneDrive cloud-based storage service for consumers now has a new security feature called "Personal Vault" that's available worldwide.
Personal Vault essentially is a "protected area in  OneDrive" that's designed for storing more sensitive files. It's notable  for requiring two-factor authentication to verify user identities before  permitting file access. Microsoft  first introduced Personal Vault back  in June. It took two years to build the feature, which was first rolled out  to limited markets in Australia, Canada and New Zealand in July, according Ryan  Hoge, a principal group program manager for OneDrive Mobile, in a  Monday Microsoft "Intrazone" talk. 
OneDrive consumer users might use Personal Vault to store  files after scanning IDs, tax documents or budgets, or it can be used to store  photos, according to Paul Diamond, a product marketing manager for OneDrive, in  the Monday talk. OneDrive's "scan and shoot" capability for capturing  photos of documents will work with Personal Vault. 
Diamond said he typically gets questions about whether Personal  Vault was added because the rest of OneDrive is insecure. "The answer is, 'No,'"  he said. Microsoft already includes a number of security features in OneDrive,  including ransomware detection and recovery, suspicious login monitoring, file  encryption at rest and transit, mass file deletion notification, virus scanning  on download for known threats and version history for all file types. OneDrive  also has password-protected sharing links, as well as expired sharing links,  Diamond added.
OneDrive users will know that they have access to  Personal Vault because it'll show up as a gray vault-like icon in a OneDrive  application. 
  The Personal Vault icon in OneDrive for consumer users  (source: Sept. 30, 2019 Microsoft blog post).
  The Personal Vault icon in OneDrive for consumer users  (source: Sept. 30, 2019 Microsoft blog post).
Storage limits using Personal Vault are based on consumer  OneDrive subscription types. For instance, Office 365 Personal or Office 365 Home  subscribers don't have any Personal Vault file storage limits beyond their general  subscription storage limits. Users of Microsoft's free consumer OneDrive plan with  5GB of storage or its "standalone" 100GB OneDrive plan are limited to  storing "up to three files in Personal Vault."
A two-factor authentication scheme, beyond a password, is  required to gain access to Personal Vault. The second factor to enable  authentication might include providing a person's "fingerprint, face, PIN,  or a code sent to you via email or SMS," Microsoft's announcement clarified. 
Personal Vault also can verify user identities via the Microsoft  Authenticator App, according to Diamond. He added that "we ask browsers  not to cache information" when browsers are used to access Personal Vault.  Hoge said that Personal Vault will work with various biometric access  authentication methods on mobile devices, too.
For Windows 10 PCs, Personal Vault uses BitLocker  encryption, which is Microsoft's drive encryption technology. Personal Vault restricts  file sharing by default and will automatically lock document access after a  period of inactivity. Users can set that inactivity interval, if wanted. 
Personal Vault is available in OneDrive  applications for Android 6.0 or higher devices, as well as iOS 11.3 or higher  devices. It's also available with OneDrive on the PC or the OneDrive.com  service accessed through a browser.
        
        
        
        
        
        
        
        
        
        
        
        
            
        
        
                
                    About the Author
                    
                
                    
                    Kurt Mackie is senior news producer for 1105 Media's Converge360 group.