Hey everyone! I'm curious about OneDrive and potential security issues related to token theft. I work with various companies, some of which use Office 365, and I've been implementing stronger security measures like YubiKey FIDO2 for my clients. Here's a scenario: one client has around 300 desktops using Office 365 with standard text-based two-factor authentication. Even if some employees aren't actively using OneDrive, data gets synced from their Desktop and Documents folders. Recently, a few accounts, including some executives, got compromised due to stolen tokens. This meant that not only their emails were exposed, but everything in their synced folders was too. While I believe there needs to be a better data storage policy in place, I don't have control over that. So my main question is: does OneDrive pose a greater risk than it's worth, or is it just another tool that can be safe if used properly?
1 Answer
I think OneDrive is just as secure as any other tool, as long as you set it up correctly. Implementing conditional access policies can help protect against token theft. The onus is really on the customer to invest in security; otherwise, they’re leaving themselves open to risks.
I’d love to know more about those conditional access policies. Besides the device-bound tokens, what else can protect against token theft?