1. What is OneDrive?
OneDrive is an enterprise cloud storage solution included as part of Office 365 and allows WCM users to store electronic files in one place and collaborate with others. OneDrive enables real-time editing and collaboration tools within the Microsoft Office suite to update documents in one convenient and secure space. Documents stored in OneDrive can be shared among other OneDrive users.
2. Eligibility for OneDrive
OneDrive is offered with Weill Cornell Medicine email (Office 365) accounts.
3. Acceptable Data to Store in OneDrive
In accordance with ITS policy 11.03 – Data Classification, Weill Cornell Medicine classifies data into three risk categories: high, moderate, and low. Unlike other cloud document storage solutions, OneDrive may be used to store high risk data in addition to moderate and low risk data.
4. Accessing Data in OneDrive
OneDrive can be accessed via any web browser by going to portal.office.com with your CWID and password, then clicking the OneDrive tile. If you’re logging in from off campus, you may need to use Duo MFA. OneDrive offers mobile applications and sync clients; however, offline file synchronization is only permitted on encrypted devices which are tagged and managed by ITS.
5. Sharing and Collaboration
A prominent feature of OneDrive is the ability to share documents with others and collaborate in real-time. Sharing data is permitted between internal users, WCM affiliates (as maintained on the WCM website at https://weill.cornell.edu/our-story/affiliations), or sponsored guests (external, non-affiliated users). However, to maintain an audit trail, sharing must be with a named account (i.e., no sharing with an anonymous link).
6. OneDrive Data and Departure from WCM
If users leave WCM, they will no longer have access to their OneDrive account. Any personal documents should be migrated out of the OneDrive account prior to leaving the institution. Any documents pertaining to WCM or developed for WCM purposes cannot be removed.
7. Auditing of OneDrive Accounts
To ensure compliance with this policy, ITS will randomly audit OneDrive accounts and scan the contents with our data loss prevention (DLP) software. Any high risk data files identified to be shared beyond a minimum necessary or with anonymous users will have their sharing permissions reduced in accordance with this policy.
