OneDrive Personal Vault employee access

Hi,

Does anyone know if MS support employees have access to it? This has always been my fear of using something vendor-provided. Didn't it come out recently that tech support employees had access to consumer customer's email accounts?

I have been using Boxcryptor for years, but I've always used my own key, not one stored with them. I use it for financial documents and 2fa recovery keys, QR codes, PGP stuff, etc. I would honestly feel like it was safer using OneDrive instead of Boxcryptor, which requires a third-party virtual file system driver (CBFS Connect). I think there's probably less likelihood of file corruption due to a bug or something sticking with something like OneDrive. I do worry about losing to corruption content that's encrypted by me, so I regularly copy my encrypted files from the cloud to a local location unencrypted as a backup.

I've also read that MS does automated scanning of OneDrive for illegal content, which obviously requires full access. I have searched for any sort of MS documentation that on the new Personal Vault that definitively states one way or another, but so far I've found nothing.

They might say no, but you never know. There is no way to actually know the truth. Personally I don´t think they have a bunch of people snooping around your personal files.

Since you are asking about consumer technologies, I am a going to avoid talking about business products, other than to say that if you use Office365 business plans, OneDrive for Business, Exchange Online, etc., your employers can see whatever they want at any time. Every time they do this, it is logged. Everything you do is also logged. PersonalVault is not for these business products, so I will say no more about that.

Regular support employees are simultaneously given access to a vast amount of information, and they are also restricted in what they can see, and what they can do with the information that they can see. I do not see any way that a regular support employee would ever be able to access your PersonalVault. The only way they would see that content is if you allowed them to remotely access your computer (with full control), and then you chose yourself to unlock your PersonalVault.

I haven't found the documentation yet that Microsoft crawls OneDrive for disallowed content, but if they do, it is not a human crawling your information, it is a webcrawler that is looking for patterns. It could be, hypothetically, that I have had what should be disallowed content on OneDrive for over 10 years. I was always aware of the possibility it could be flagged and/or deleted. but never had any problems.

One thing that is disturbing is the broad license in: https://www.microsoft.com/en-us/servicesagreement/
To the extent necessary to provide the Services to you and others, to protect you and the Services, and to improve Microsoft products and services, you grant to Microsoft a worldwide and royalty-free intellectual property license to use Your Content, for example, to make copies of, retain, transmit, reformat, display, and distribute via communication tools Your Content on the Services. If you publish Your Content in areas of the Service where it is available broadly online without restrictions, Your Content may appear in demonstrations or materials that promote the Service. Some of the Services are supported by advertising. Controls for how Microsoft personalizes advertising are available on the Security & privacy page of the Microsoft account management website. We do not use what you say in email, chat, video calls or voice mail, or your documents, photos or other personal files, to target advertising to you. Our advertising policies are covered in detail in the Privacy Statement.

As a support person for a long time, I have seen a few bad apples over the years, but they get caught, and everything is logged for future legal prosecution.

I didn't know this, but apparently you need to subscribe to Office35 for this even to work with more than 3 files. Even the paid OneDrive plans don't allow more than 3 files. Looks like I'll keep on using other options.

sygnus21 said:

Where'd you get this info from? Cause that's not exactly correct as I certainly have more than 3 files in my Vault. And yes, I've a paid plan (Office 365 University).

https://www.microsoft.com/en-us/micr...ional-storage/

It's under 'Current availability':

"If you are using OneDrive’s free or standalone 100 GB plan, you can try Personal Vault with a limited number of files. Office 365 subscribers can store as many files as they want in Personal Vault, up to their storage limit."

I think this is the paid plan he's referring.

sygnus21 said:

It does not say "don't allow more than 3 files" which is what I was questioning.

I and other's without 365 got the 3 file limit message on activation back in September.

Personal Vault

Here's a Microsoft link that @Brink sent from that thread that's less evasive and more specific.

Protect your OneDrive files in Personal Vault - OneDrive



'Upload files or folders to Personal Vault

If you don't have an Office 365 Home or Personal subscription, you can only add up to three files in your Personal Vault. If you do have a subscription, you can add as many files as you want (up to your storage limit).'