Share via

OneDrive is unsafe in shared or task-based PC environments due to syncing application data under user profiles.

Barry Sykes 0 Reputation points
2026-01-05T19:56:49.16+00:00

How is Microsoft addressing this design gap?

Couldn't really find a matching tag.. I'm sure this will get deep sixed.

Moved from: Community Center | Discuss the Q&A site | Site bug or problem

Microsoft 365 and Office | OneDrive | Other | Other
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Q&A Assist
    2026-01-05T19:56:57.04+00:00
    AI generated content. This question contains an answer created with AI from Q&A Assist. Learn more

    Microsoft addresses concerns regarding the safety of OneDrive in shared or task-based PC environments by implementing several security measures. One key approach is to limit synchronization to devices on specified domains, ensuring that only trusted devices can sync data. This is part of the broader strategy to control access to content in OneDrive and SharePoint mobile apps, which can be managed through Intune.

    Additionally, OneDrive for work or school is designed to protect data both in transit and at rest using encryption protocols such as Transport Layer Security (TLS). This ensures that data is secure during transfer and when stored. Furthermore, Microsoft has physical and network protections in place at their datacenters, which are designed to limit unauthorized access to customer data.

    For organizations concerned about data being downloaded to untrusted devices, they can configure Information Rights Management (IRM) policies on SharePoint document libraries to limit downloads and evaluate the use of Azure Information Protection (AIP) for tracking and controlling data usage.

    These measures collectively help mitigate risks associated with using OneDrive in environments where multiple users may access the same PC.

    0 comments
  2. Aron 9,685 Reputation points Independent Advisor
    2026-01-05T22:21:07.2766667+00:00

    I get why this feels like a big concern, especially on shared or task-based PCs. The root of the issue is that OneDrive is designed to sync user profile data by default, which can expose application settings or cached files when multiple people use the same machine. Microsoft addressed this by introducing Shared PC Mode in Windows, which blocks OneDrive sync entirely unless you explicitly enable a controlled version called “Shared PC Mode with OneDrive Sync.” To fix this, check if Shared PC Mode is enabled on the device and confirm whether OneDrive sync is allowed under that configuration.If you need OneDrive for certain workflows, you can enable the safe sync option through Intune or MDM by setting EnableSharedPCModeWithOneDriveSync to true, which keeps user data isolated and cleans it up after sign-out. Quick question, are you managing these PCs through Intune or group policies, or is this more of a local setup? That will determine the easiest way to apply the fix.Regards,
    Aron

    0 comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.