1.866.214.7863 | [email protected]
GenieallGenieall
Modern Secure File Management

Modern file-storage for the SME: Balancing Convenience and Security

Not too long ago, for most Microsoft centric organizations, file storage was an easy and obvious solution: a fileserver housed on-premises. At that time the largest questions revolved around the nature of redundancy and back-up of this resource. As IT professionals we responded to these challenges with redundant power supplies, network interfaces, and disks. Obviously, more sophisticated, larger organizations moved on to virtualization, hyperconvergence, clustering, and on and on. But, for small organizations – the local fileserver remained. For backups we used tape, NAS, and eventually the cloud. 

Fast forward to today, and the landscape has transformed. Many small and medium enterprises (SMEs) no longer have the on-premises file server; or if they do – then its role has changed. Now file storage is often distributed over OneDrive and SharePoint as well. But what are the use cases for these resources, how does one ensure they are being backed up, and critically, how do we secure them? 

OneDrive: Personal Productivity and Security 

OneDrive is Microsoft’s cloud-based file storage service designed primarily for individual users. Here are some key use cases: 

  • Personal File Storage: OneDrive provides a secure place to store personal files, photos, and documents. Users can access their files from any device with an internet connection. 
  • Collaboration and Sharing: OneDrive allows easy sharing of files and folders with colleagues, friends, or family. You can control permissions, set expiration dates, and collaborate on documents in real time. 
  • Offline Access: Files stored in OneDrive can be synced to local devices, enabling offline access. This is useful for travelers or those working in areas with limited connectivity. 
  • Version History: OneDrive maintains version history for files, allowing users to revert to previous versions or recover accidentally deleted content. 
  • Mobile Integration: The OneDrive app for mobile devices enables seamless access to files on the go. 

OneDrive Backup and Security Strategy: 

  • Version History:  OneDrive automatically maintains version history for files. Users can revert to previous versions or recover deleted content.
  • Backup and Security Tip: Regularly review version history and educate users on how to restore files. Additionally, ensure strong password policies and multi-factor authentication (MFA) are enabled for all user accounts accessing OneDrive. 
  • Recycle Bin:  Deleted files go to the OneDrive Recycle Bin. Items remain there for a specified period (usually 30 days).
  • Backup and Security Tip: Monitor the Recycle Bin and periodically empty it to free up storage. Additionally, implement access controls to prevent unauthorized deletion of files. 
  • External Backup Solutions:  Consider third-party backup tools that create additional backups of OneDrive data.
  • Backup and Security Tip: Schedule regular backups to an external location or cloud storage and ensure that the backup solution itself is secure and compliant with relevant regulations. Encrypt backups both in transit and at rest. 
  • Retention Policies:  Configure retention policies to retain files for a specific duration.
  • Backup and Security Tip: Customize retention settings based on organizational needs and legal requirements. Implement data loss prevention (DLP) policies to prevent sensitive data from leaving the organization. 

Security Considerations:  

  • MFA and Conditional Access: Enforce MFA for all user accounts and use conditional access policies to control access based on device, location, and other factors. 
  • Encryption: Ensure that data is encrypted both in transit (using HTTPS) and at rest (using encryption keys managed by Microsoft or, if required, by the organization). 
  • Access Controls: Implement least privilege access, giving users only the permissions they need to perform their job functions. 
  • Auditing and Monitoring: Regularly audit access logs and monitor for suspicious activity. 

SharePoint: Collaborative Power and Robust Security 

SharePoint is a powerful platform for team collaboration, content management, and intranet sites. Its use cases include: 

  • Document Libraries: SharePoint allows teams to create document libraries for centralized storage. These libraries can hold files, images, and other content. 
  • Team Sites: Teams can create dedicated SharePoint sites for projects, departments, or cross-functional collaboration. These sites include features like calendars, announcements, and task lists. 
  • Intranet Portals: SharePoint serves as an organization’s intranet portal, providing a central hub for news, policies, and company-wide communication. 
  • Custom Workflows: Organizations can design custom workflows using SharePoint Designer or Power Automate. These workflows automate processes such as approval, document review, and content publishing. 
  • Security and Permissions: SharePoint offers granular security controls, ensuring that sensitive information is accessible only to authorized users. 

SharePoint Backup and Security Strategy: 

  • Site Collection Backups:  Regularly back up entire SharePoint site collections. Use SharePoint Online Management Shell or third-party tools. 
  • Backup and Security Tip: Automate site collection backups and store them securely. Implement strong access controls for backup storage. 
  • Granular Backup:  Back up individual lists, libraries, or subsites within SharePoint.
  • Backup and Security Tip: Prioritize critical content and schedule granular backups accordingly. Use encryption for backups. 
  • Recycle Bin and Second Stage Recycle Bin:  SharePoint has both a primary and a second stage recycle bin. 
  • Backup and Security Tip: Monitor and manage these bins to prevent accidental data loss. Implement access controls to prevent unauthorized purging of recycle bins. 
  • SharePoint Online Preservation Lock:  Enable preservation lock to prevent accidental deletion or modification of critical content.
  • Backup and Security Tip: Use preservation lock judiciously for sensitive data. Ensure that only authorized personnel can enable or disable preservation locks. 
  • Geo-Redundancy:  SharePoint Online replicates data across multiple data centers for redundancy. 
  • Backup and Security Tip: Leverage this built-in redundancy for disaster recovery. Ensure that data sovereignty requirements are met. 

Security Considerations:  

  • Permissions Management: Implement a robust permissions management strategy, using groups and role-based access control (RBAC). 
  • Data Loss Prevention (DLP): Configure DLP policies to prevent sensitive data from being shared or leaked. 
  • External Sharing Policies: Carefully manage external sharing permissions to prevent unauthorized access to sensitive information. 
  • Regular Security Audits: Conduct regular security audits to identify and address vulnerabilities. 

Local File Storage: Legacy and Compliance 

While cloud services like OneDrive and SharePoint are prevalent, local file storage remains relevant. Use cases for local storage include: 

  • Legacy Systems: Some organizations still rely on legacy file servers or network-attached storage (NAS) devices for data storage. 
  • Performance-Critical Applications: Applications requiring low latency or high-speed access may benefit from local storage. 
  • Compliance and Data Sovereignty: Certain regulations or security policies mandate data storage within specific geographic boundaries. 
  • Backup and Disaster Recovery: Local storage complements cloud solutions by providing an additional layer of backup and redundancy. 
  • Large Files or Archives: Storing large files or historical archives locally can be cost-effective and efficient. 

Local File Storage Backup and Security Strategy: 

  • Regular Backups:  Schedule regular backups of local files to external drives, network shares, or cloud storage. 
  • Backup and Security Tip: Use automated backup tools to ensure consistency. Encrypt backups and implement access controls for backup storage. 
  • Incremental Backups:  Back up only changed or new files to minimize backup time and storage space.
  • Backup and Security Tip: Implement incremental backups for efficiency. Ensure that backup processes are secure. 
  • Offsite Backups:  Store backups offsite to protect against physical disasters (fire, flood, etc.).
  • Backup and Security Tip: Use cloud storage or remote servers for offsite backups. Encrypt data in transit and at rest. 
  • Test Restores:  Periodically test the restoration process to verify backup integrity.
  • Backup and Security Tip: Simulate data loss scenarios and ensure successful recovery. Include security considerations in restore testing. 

Security Considerations:  

  • Physical Security: Secure local file servers and storage devices in locked server rooms with controlled access. 
  • Network Security: Implement firewalls, intrusion detection systems (IDS), and other network security measures to protect local storage from unauthorized access. 
  • Access Controls: Use NTFS permissions and other access control mechanisms to restrict access to files and folders. 
  • Patching and Updates: Regularly patch and update operating systems and applications to address security vulnerabilities. 
  • Anti-malware: Deploy and maintain up-to-date anti-malware software on all local file servers. 

Organizations should evaluate their needs and choose the right mix of services for file storage to enhance productivity and collaboration. Technology evolves, so periodically reassess your storage and security strategy to stay aligned with business goals and industry trends. 

Finally, a comprehensive backup and security strategy combines automated tools, user education, regular testing, and continuous monitoring. Adapt these strategies to your organization’s specific needs and risk tolerance. Security must be a primary consideration in all file storage decisions. Ultimately, a proactive and layered security approach, coupled with robust backup and recovery plans, is essential for SMEs to protect their valuable data in today’s dynamic and threat-filled digital landscape. By prioritizing both accessibility and security, businesses can ensure their data remains safe, compliant, and readily available for ongoing operations and future growth.


About Genieall

Incorporated in 2012, Genieall Corporation is a privately-owned Canadian IT Services and Consulting company.  Being an ISO 27001 certified organization, Genieall provides managed and IT consulting services to companies in the Energy, Manufacturing, Construction, Health Care, and Finance verticals.

Genieall understands that IT infrastructure is fundamental to your business. For that reason, Genieall typically establishes trust with our clients by demonstrating our capabilities.

This is usually accomplished through a small engagement, urgent support requirement or consultation.

From there, our customers look to expand the support service to include both project and operational support using our Rightsourcing Model. (using the right balance of internal and external resources)

Throughout the process, Genieall’s culture of transparency, Customer-First approach along with our service model help us to establish and maintain trust.

Stay in Touch

Email: [email protected]

Phone: (866) 214-7863

Blog: /blog

Twitter: https://www.twitter.com/genieall

Instagram: https://www.instagram.com/genieall

LinkedIn: https://www.linkedin.com/company/5263470/

  • Genieall Blog
Genieall Blog

About Genieall Blog