In the last part of this series, I’ll cover the IT management features in OneDrive for Business. In particular, I will discuss compliance, backup, single sign-on, multi-factor authentication, Rights Management Service (RMS), mobile apps, and Office Mobile.

One of the primary reasons for implementing a solution like OneDrive for Business is to bring cloud services that end users want, under the control of IT, while still giving the users the features they need to perform their job functions. Following are a few of the IT management features included with OneDrive for Business and Office 365.


If your organization has compliance requirements, OneDrive for Business (as part of Office 365) has been independently verified to be compliant with ISO 27001, Federal Information Security Management Act (FISMA), HIPAA, HIPAA BAA, EU Model Clauses, and EU Safe Harbor.


As we covered in Part 3, files in OneDrive for Business are versioned, and past versions can be recovered in the web client. Files deleted in OneDrive for Business are placed into the Recycle Bin and can be restored for up to 90 days in the web client. Files deleted from the Recycle Bin will go into the “deleted from end user” Recycle Bin for an additional 90 days, making a total of 180 days that a deleted file can be recovered. Although Microsoft does retain backups of your data and keeps copies in multiple data centers, the Recycle Bin is going to be the method you’ll need to use to recover files. Third parties exist that will archive files from OneDrive for Business for an additional cost.

Single sign-on

OneDrive for Business (as part of Office 365) supports Single Sign-on using DirSync and Active Directory Federation Services (ADFS). This allows your end users to use their work Active Directory credentials when accessing their files in OneDrive for Business. This also allows IT to revoke access if a user’s credentials become compromised or as employees depart the organization.

Multi-factor authentication

The Office 365 plans for Midsize Business, Enterprise, Academic, and Nonprofit support multi-factor authentication at no additional cost. The second factor can be a call to a mobile phone, a text to a mobile phone, a call to an office phone, an app notification, or a one-time code in an app.

Rights Management Service (RMS)

The Office 365 plans for Enterprise (E3 and E4) and Education (A3 and A4) include Rights Management Service (RMS). RMS allows files to be encrypted and protected on an individual basis outside of normal file system permissions. Files can be individually restricted to specified internal or external users. You can also control how users act on the files (that is, print, edit, forward, etc.).

Mobile apps

Mobile apps to access OneDrive for Business are available for Windows 8.1 and iOS.

OneDrive for Business on Windows 8.1

OneDrive for Business on Windows 8.1
OneDrive for Business on iOS

OneDrive for Business on iOS

Office Mobile

OneDrive for Business files can be accessed in Office Mobile for Android phones, Office on Windows Phone, Office Mobile for iPhone, and Office for iPad (Word, Excel, and PowerPoint).

Final thoughts

OneDrive for Business is definitely a good start for business “cloud” file storage. If your environment has Macs, the lack of a sync tool for your Macs is definitely going to be a concern. Overall, I’ve been very happy with the product so far in my mostly Windows environment; I look forward to seeing where Microsoft goes with it. As I said earlier in this series, if you have issues, make sure to log a support request directly in the Office 365 Admin Center or with your TAM. Microsoft does consider feedback for Office 365 and uses it to improve the product. The more feedback they receive, the more likely they are to make improvements based on that feedback.


Leave a reply

Please enclose code in pre tags

Your email address will not be published.


© 4sysops 2006 - 2023


Please ask IT administration questions in the forums. Any other messages are welcome.


Log in with your credentials


Forgot your details?

Create Account