Data protection in OneDrive and iCloud: the differences and similarities

Published April 15, 2019   |   

The proliferation of cloud storage platforms has transformed the way in which many of us work.

This is not surprising, considering that 73 percent of companies questioned for a survey, depend on at least one cloud-based application. This figure is expected to keep rising, and it is easy to see why – storing and managing files in a cloud-based platform offers a wealth of benefits. These benefits include access to documents that can be restricted to key players only, real-time collaboration which encourages teamwork, and sharing of files with groups in just a click or two. The list goes on.

However, data protection is a major concern for all of us. Hackers can find ways to access files in the cloud and disrupt services, causing many problems if unaddressed. Data breaches can remain undetected for as many as 191 days on average, and it takes a further 66 days to fully contain it.

OneDrive and iCloud are two of the most popular cloud storage solutions, with millions of users worldwide. But what levels of data protection do they provide for customers?

iCloud: how does Apple’s Cloud Storage Platform perform?

Apple; its name alone inspires confidence in buyers, providing valuable peace of mind when choosing any product or service. However, it is well known that iCloud, Apple’s cloud storage platform, has been subject to cyber attacks. One of the most notorious attacks saw the privacy of high-profile celebrities like Jennifer Lawrence and Kirsten Dunst invaded in a very public way.

While these occasional breaches do occur,  Apple does take users’ security seriously and offers impressive options to boost their data safety, such as two-factor authentication.

How does this work? Well, signing into iCloud on any new device for the first time (such as your iPhone, iPad, etc.) will prompt the platform to request a password and a six-digit code. Two-factor authentication is becoming increasingly common across different platforms and applications and is worth utilizing.

The extra work required to access your data when logging in on a different device may seem like a minor inconvenience, but it’s a reliable security feature that can help safeguard your data. Your logins will be far harder to guess, and if someone has access to your password, they still will not be able to breach your account without the information required to complete the process.

All data is protected using TLS/SSL and 128-bit AES. While this is inferior to the stronger AES 256-bit alternative, it is still a trustworthy addition.

iCloud also takes advantage of end-to-end encryption. This is designed to maximize the security of all data being transmitted and to minimize the danger of unauthorized users accessing it. If you activate the optional two-factor authentication feature, you will benefit from this high-level encryption.

Another aspect of iCloud’s data protection is Keychain. This is designed to manage critical and sensitive types of data such as credit card details and passwords. It also protects data from applications you may use regularly, such as your contacts, messages, and applications on your MacBook as well, making data across devices more secure. Additionally, Apple has no access to your Keychain encryption keys as they are established on personal devices only, adding an extra level of assurance.

Microsoft OneDrive: How secure is your data with OneDrive?

Like Apple, Microsoft is a corporate giant with a long and proud history of great products and service. Its OneDrive cloud storage platform is incredibly popular and offers some solid features, but how does its data security compare to iCloud’s?

In OneDrive, data is protected with SSL encryption. However, there is a slightly controversial issue with this, if the data is sitting in your account and not being used directly. To put it simply, OneDrive will not encrypt your data with SSL when it is ‘at rest’ unless you are a business customer. While most companies using OneDrive will invest in a business account, small enterprises may prefer to use the free version (which gives you 5GB). This leaves some people wary about the safety of information in their files and spreadsheets when they are away from the office.

Additionally, OneDrive includes a feature which syncs all attachments in Outlook to the cloud, causing potential security issues if users add sensitive data to the cloud without realizing.

However, OneDrive’s security does have its merits. Business-account holders benefit from encryption on a file-by-file basis. If a single file is hacked by a cyber-attacker, only that particular will be affected. Other files should stay safe, minimizing the potential damage an attack could inflict on their operations.

Like iCloud, OneDrive also offers two-step verification as another way to reinforce your account’s security. This must be manually activated, though; it is not automatically in place. Signing into your account from a new device prompts Microsoft to send a security code to you, which must be entered in the login page. An authenticator app is available too, though it is not essential.


There are a number of similarities and differences between iCloud and OneDrive. iCloud’s at-rest encryption is a big benefit if you only depend on its security without additional measures (firewalls etc.). Rest assured, your data is being protected even when it’s idle.

For business account holders, OneDrive offers a significant advantage over iCloud with its per-file security in addition to its at-rest encryption. Having each file encrypted individually can prevent a single compromised file from infecting others. If you are not willing or able to invest in a business account however, your idle data could be vulnerable.

Both platforms offer two-factor authentication as a security measure and it is a helpful feature worth activating. iCloud’s Keychain system cannot be overlooked either.

Apple and Microsoft are both clearly committed to helping their customers’ data stay safe in an age when hacks are so commonplace. It is hard to say if one is better than the other; just ensure to exercise extreme caution with data in the cloud. No matter how safe a cloud storage platform is, complacency and human error can still leave your data vulnerable.