Blogs about: Microsoft Teams, backgrounds, Intune, OneDrive, Exchange, Azure AD, Windows 10, Security, Tenant, Exchange, best-practice, tips and & tricks

The benefits of documents in the Cloud versus on-premises

Do you recognize the discussion of whether it is safe to put files in Office 365 files? The short answer is YES. You can read the long answer in this blog.

The preparatory phase

The first question to answer is: Why do you want to move away from your current file server?

Often the answer is that it is no longer workable to collaborate on documents.

Accessing files remotely over VPN is old-fashioned. File servers often don't have much value beyond a static location on a server.

In addition, documents are often shared by e-mail for efficient transfer to colleagues.

Backup of documents is relatively easy on-premises compared to O365 where version control (default in Office 365, to be enabled) and backup must be provided. (Not included by default)

Additional security is necessary

The reason we often do not want to migrate documents is because our Office 365 environment is not set up to be more secure(er) than the current closed environment that can only be accessed via secure VPN.

One recommendation here is to enable Multi-Factor Authentication and audit capabilities so you can keep control of identities and documents within Office 365. You can often even provide a more secure environment than on-premises because the controls are built in by default.

The added value of migrating documents

The most important driver for performing document migration is data control within Office 365. You have the ability to build in data control to classify or label documents with a label that says, for example: confidential.

This tag ensures that if documents with sensitive data - such as personal data will be placed on OneDrive, Teams or SharePoint that this document will get a tag so extra security.

If these labeled documents are shared with the outside world by email. Do these remain protected by policy and cannot be opened by persons who should not have access.

Below you can see standard built-in dashboard of labeling on Microsoft proposed data classifications. These are examples of standard included labels.

Often with thinks that it is necessary to manually assign labels. This is actually not necessary. You can build in autonomy so that some people or everyone gets labels that are desired.

Some examples:

International Classification of Diseases (ICD-10-CM)
Credit Card Number
U.S. Bank Account Number
EU Debit Card Number
U.S. Social Security Number (SSN)
EU Social Security Number (SSN) or Equivalent ID
International Classification of Diseases (ICD-9-CM)
U.S. Driver's License Number
U.S. / U.K. Passport Number
EU Passport Number
EU Driver's License Number
Taiwan Passport Number


Documents are now not secure saved

"Document data is the new gold anno 2020". We view document data as static. A document we can share today by email, whatsapp, but also with Teams, OneDrive or Sharepoint that I call "public documents."

We decided that these documents would be available to the Internet, right?

Actually, we don't. We put organization-critical documents on file servers that we don't share with unauthorized departments or people outside the organization.

We have top-secret folders for just one important project. When we need to publish this crucial data with external processors, we share it via wetransfer.com. Because we often fail to share these in a "secure" way.

The essence is lost, documents are not safe. Certainly not on a file server. The file server that the entire organization can take an export from. This extra step of data-security is really necessary.

Document labeling and classifying as "organization," "External" & "public" can solve 99% of data exfiltration incidents. It shouldn't matter if someone accidentally leaks crucial company data. Right?

Microsoft is market leader in Enterprise Information Archiving

Microsoft is leading in Enterprise Information archiving. A first for transforming your organization to take control of data and information.

Gartner estimates, "By 2023, 45 percent of enterprise customers will adopt an enterprise information archiving (EIA) solution to meet new requirements driven by data privacy regulations; this is a major increase from five percent in 2019."


Dropbox, Box, WeTransfer is massively used and not properly tuned up

on-premise file servers was a good solution - but privately and professionally we share more files, photos and confidential items with less trusted services. Just like with our file servers.

We have no control mechanism on static data on file servers. no audit trails, logs.

Use Microsoft's built-in solution to discover critical data

Microsoft has information protection mechanisms to map all data.

Even if you only use it for insight. Because this cannot be done so easily on other systems.

Use Cloud App Security to create insights into organizational data

Thanks to Microsoft's Cloud App Security report, your organization is able to view insights from the current usage of third-party vendors.

Understanding the use of WeTransfer, Dropbox is important, as are security risks.

Integrate ATP with CASB and create the insights into your data.

Import your firewall logs to understand what your organization is using today outside of the "known" vendors.



Create insights into the current environment. Understand data flows. It is naive to think that third-party tools and platforms are not used to share files inside and outside the organization.

Static data is not modern and can be leaked at 1 second.

Information protection can automatically label sensitive data based on its content. And if it were leaked, prevent the sender from reading it.

Here's a quick read of 10 reasons to put documents in the Cloud. Whether it's OneDrive or SharePoint or Teams . Underlying the technology is the same.

In addition to the benefits of OneDrive, Teams & SharePoint it's best to work on your digital workplace as well.

About the author

Tagged: , , , , , , ,
0 0 vote
Article review
Please let us know if there are

Inline feedbacks
See all comments
Would love to know your thoughts, please leave a comment.x