BU OneDrive is approved to store Confidential and Restricted Use information. Important information below.

  • The BU version of OneDrive has been approved to store Confidential and Restricted Use information owned or used by Boston University, including FERPA and HIPAA. For definitions of Confidential and Restricted Use information, consult the Data Protection Standards.
  • Important:
    • only the BU version of OneDrive is approved, not the consumer version of OneDrive.
    • To properly protect sensitive information, you must understand OneDrive security and set it up correctly. Continue reading to learn how.
    • OneDrive allows you to automatically sync your files across multiple devices. This means that sensitive data could inadvertently end up on an insecure machine. If you are going to put Restricted Use data on OneDrive, we strongly recommend that you do not sync it to any additional locations. Any device you sync Restricted Use data to must be encrypted, require a password and meet the other Minimum Security Standards.

Manage who can view or edit your OneDrive files

By default, only you can access the files on your OneDrive–you and anyone that can access that device. When you share files, it is important you understand how you’re doing so, avoiding accidentally giving people inappropriate access to sensitive information. To do this:

  1. Go to OneDrive and sign in to your account.
  2. Right-click the folder or files you want to share, and click Share.
    Screen shot showing file sharing options
    • Important: if you are sharing a folder you are also sharing any sub folder in that directory. Consider limiting sharing capabilities to folders that contain only information you intend to let others view.
  3. Enter the names of the people you want to share with and a message, if you want.
    onedrive_share_1
  4. (Optional) Click the drop down list to change the type of link. The Details pane opens, where you can change who can access the link and whether people can edit the item you’re sharing.
    onedrive_share_2
    Options for Who would you like this link to work for:

    • Anyone gives access to anyone who receives this link, whether they receive it directly from you or forwarded from someone else. This may include people outside of your organization.
    • People in Boston University gives everyone with a BU login name access to the link, whether they receive it directly from you or forwarded from someone else.
    • Specific people gives access only to the people you specify, although other people may already have access. If people forward the sharing invitation, only people who already have access to the item will be able to use the link.

    By default, Allow editing is turned on. If you want people to only view your files, uncheck the check box.

    When you’re done, click Apply.

  5. When you’re ready to send the link, click Send.

Manage OneDrive File Syncing

If you decide to sync OneDrive across multiple devices, be sure the security on the devices that your information is synced with meets the Minimum Security Standards. Syncing across multiple devices inherently creates the potential for unintended data leakage; syncing Confidential or Restricted Use data is therefore strongly discouraged.  Always take caution when transmitting sensitive information.

By default, OneDrive is set up to sync all files and folders but you have the ability to customize what is synced.

  1. Open your OneDrive app settings and navigate to Sync Settings.

    onedrive sync settings
  2. Choose which folder(s) you decide to sync. Stop syncing any folders you choose.

    onedrive stop syncing