Three types of “backup” that are important to understand
In previous articles, I’ve outlined how you should avoid the OneDrive backup “feature” like the plague and how you can use OneDrive for nearly continuous backup (even though OneDrive by itself is not really a backup).
It’s confusing because these are all different things. I might even say they are completely different and unrelated things.
The source of confusion is that they all use the word backup.
Become a Patron of Ask Leo! and go ad-free!
OneDrive backup versus backup
OneDrive is a file synchronization tool, not a backup service. While it can act as a kind of backup function, its misleading backup feature can cause data loss and confusion. For a robust backup strategy, use tools specifically built for backing up and avoid enabling OneDrive’s so-called backup feature. Use OneDrive, but use it with care.
What OneDrive does
At its core, OneDrive is a file synchronization application1. That means its primary job is to keep files in two locations in sync with one another.
- If you change a file in the OneDrive folder on your PC, that change is reflected in OneDrive.com online.
- If you change a file in OneDrive.com online, that change is reflected in the OneDrive folder on your PC.
“Change” here means adding, editing, or deleting a file. Do any of those in one place and it will be mirrored in the other.
That’s it. That’s all. Make a change here, that change is made over there. That’s OneDrive in a nutshell.
Related
How OneDrive Works: the Very Basics
OneDrive is a free, useful service. Learn the basics here.#142445
The three OneDrive “backups”
I’ll go into each in more detail, but in summary:
- Automatic file syncronization online backs up your work in progress in close to real time.
- OneDrive itself is a single point of failure, so can’t really count as a true, long term, backup system.
- OneDrive’s backup “feature”, which is something separate, tries to leverage file synchronization, but introduces confusion and possible data loss.
Let’s look at each.
How OneDrive is kind of a backup
Imagine the following scenario: you’re working on an important document that is saved somewhere within your OneDrive folder. Each time you change that document, OneDrive automatically uploads the changes to OneDrive.com, where they’re reflected in the file’s copy online.
Now imagine your hard drive dies or you lose your laptop when you’re traveling. You lose everything.
Except you don’t. The document you’ve been working on is still at OneDrive.com online. You replace the hard drive or the computer, download the file, and resume where you left off. It’s as if nothing happened to the document at all.
Because nothing did. OneDrive file syncronization was acting as a backup, copying your file online.2
That’s using OneDrive for backup.
How OneDrive is not a backup
Imagine you’re working on an important document stored somewhere in your OneDrive folder. As before, changes are continuously reflected in the copy of the document online.
Now imagine that your Microsoft account is compromised. A hacker gains access, and before you know it, they delete everything in your OneDrive. Since OneDrive is synchronized with your PC, everything is deleted there as well. All the copies of your important document are gone.
In this scenario, OneDrive is very much one place, and as we know, if it’s in only one place, it’s not backed up. OneDrive did not protect you from losing your data. That’s not a backup.
Related
The Problem With OneDrive Backup
OneDrive's backup function is broken. I'll explain why and what to do about it.#156972
How OneDrive’s backup “feature” is a confusing mess
To add to the confusion, Microsoft heavily pushes a OneDrive feature that is called backup.
When you allow this feature to be turned on:
- Your Documents folder, previously outside of OneDrive, is moved inside your OneDrive folder.
- Your Pictures folder, previously outside of OneDrive, is moved inside your OneDrive folder.
- Your Desktop folder, previously outside of OneDrive, is moved inside your OneDrive folder.
- Other folders may also be affected.
That’s it.
Microsoft calls this a backup because once these folders are within the OneDrive folder, OneDrive synchronizes their contents with your OneDrive.com storage online. This is how OneDrive serves as a kind of backup, as I described above.
The problem is that this happens regardless of how much online storage you have and whether your existing files exceed that capacity. What’s worse, if you turn the feature off, the contents of those folders are not moved back. You’ll still exceed your online capacity and risk actually losing your data.
I keep calling this the OneDrive backup “feature” (in quotes) because it’s not a feature at all. It should not be turned on3 no matter how strongly Microsoft suggests it, and they do suggest it strongly. It’s simply too risky and too confusing.
You can use OneDrive as a kind of backup, as I outlined above, but you don’t need this additional backup “feature” to do it.
OneDrive as part of a healthy breakfast
This “kind of” backup and the thing that Microsoft calls a backup only makes things confusing. It could even lead to data loss.
What to do?
Here’s my suggested recipe for a healthy backup strategy including OneDrive.
- Create monthly full image backups to an external drive using a tool such as Macrium Reflect, EaseUS Todo, or similar.
- Create daily incremental image backups using the same tool.
- Optionally, enable File History.
- Save all your work in progress somewhere within the OneDrive folder on your machine. Make sure the OneDrive app is running and synchronizing with OneDrive.com online.
Full protection against almost any disaster.
Related
How to Back Up Windows
Using free and included tools, here's how to back up Windows and all your data in eight easy steps.#30103
Avoiding OneDrive altogether
An alternative is to avoid using OneDrive completely, of course. Given how hard Microsoft is pushing OneDrive, you might think it can’t be done, but in reality, it’s possible.
- Don’t put any files anywhere within the OneDrive folder.
Seriously, that’s all you need to do. If files aren’t within the OneDrive folder, they are not affected by OneDrive. Keep everything in other folders.
Instead of files somewhere within “C:\Users\<username>\OneDrive” (the default location of your OneDrive folder), create your own folder like “C:\Users\<username>\NOTOneDrive”. Avoid the “standard” folders like Documents because of the risk that OneDrive’s backup “feature” could accidentally be enabled, moving them into OneDrive.
You can also take the following additional steps.
- Change the default “save as” location in your applications to a folder not within your OneDrive folder.
- Turn off any options in your applications to save files to OneDrive, regardless of whether a specific folder is mentioned. (Office applications seem to be prone to this approach.)
- Sign out from the OneDrive app. (Just know that Microsoft may sign you in again if you do something else with your Microsoft account on your machine.)
- Uninstall the OneDrive app completely. My only caution here is that I’ve heard that Microsoft may re-install the app with subsequent updates or upgrades.
Do this
OneDrive can be a useful tool when used properly. Unfortunately, to do that you must avoid Microsoft’s recommendations and strong-arm tactics.
It’s worth taking the time to understand how OneDrive works.
Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.
I’ve used OneDrive for years. The first thing I did and continue to do is to turn off the “Files On Demand” setting. Everything in my OneDrive folder also resides on my C:\ drive.
I also use Macrium Reflect to make image backups on a set schedule. That means my OneDrive is also getting backed up. Even though I don’t do a lot of file changes to folders in OneDrive, I also use Macrium Reflect to make File and Folder backups every 15 minutes incrementally from 8 am to 7 pm daily and a differential backup at the end of the day. I use separate drives for my image and folder backups.
I did make the mistake on enabling the OneDrive Backup “feature” once. Not only did it go after my Documents, Pictures, and Music folders, it tried to move my Videos folder as well (2.62 TB). Restoring an image backup was what it took to clean that mess up. Afterwards, each time I started the computer I had to double-check that OneDrive Backup wasn’t turned on. Microsoft has since stopped turning it on by default.
I’m in the process of learning to use an alternative to the OneDrive app to synchronize my files and won’t have to worry about Microsoft coming up with new “features”.
The “Files on Demand” setting is a device-by-device setting. If you are using a device with a small amount of storage, such as your phone, tablet, or computer with a small drive, for example, “Files on Demand” is useful.
You should have, at least, one computer with “Files on Demand” turned off to maintain a copy on at least one machine that is regularly backed up.
You are not alone. I too use OneDrive in this fashion and find in invaluable. For me, the great advantage is that I can update my documents on my main PC, my phone or on other devices using the OneDrive web interface. I also have an MS Office subscription and am well below the storage limit.
As a bonus, I have photos from my iPhone automatically uploaded to OneDrive so they are easily accessed on my Windows PC. (I also use SmugMug and PhotoSync but that’s another story)
I my view, OneDrive is great as long as you understand how it works.
I’ve stopped using OneDrive all together. First, I set OneDrive up to make all my files available on my computers, so they’re both on OneDrive, and on my computers, then I copied all my files from the OneDrive folder to an external drive (for safe keeping). Next, I made sure the Files on Demand feature was disabled, then I disabled the file sync feature, and deleted all my files from OneDrive online. My next and final steps were to sign out of OneDrive, and uninstall the OneDrive app.
Before I stopped using OneDrive, I found another cloud service that provides 20GB storage in their free plan at mega.nz. They offer/provide a free desktop app (MEGAsync) for managing/configuring my cloud storage services. I experimented with it in my GNU/Linux installations (on three PCs) for several months, then when I was satisfied with mega’s stability/functionality, I completed the steps above to quit using OneDrive, and set up MEGAsync permanently on both my Windows and GNU/Linux installations on all three of my PCs.
Today, I have Windows-only folders, GNU/Linux-only directories, and general-use folders/directories on mega.nz (to make things easier when/if I decide to drop Windows all together). My Windows-only folders are WinDocs (for Documents), and WinPics (for Pictures). My GNU/Linux-only directories are Documents and Pictures (because I set them up in GNU/Linux while I was testing the service). My general-use folders/directories in both Windows and GNU/Linux are Music, Videos, and resources. The content of my Music and Videos folders/directories are obvious. In resources, I store files I want to directly access from both OSes, using desktop shortcuts/icons. Examples are a To Do list text file, a Phone Numbers text file, and a few others.
I’ve been using mega.nz for more than a year now, and I’ve been very happy with it. When I downloaded and installed the desktop app, mega increased my storage limit by 5GB (to 25GB), but the increase ended after a year, so don’t depend on that amount of storage unless you intend to upgrade to a paid plan, sooner or later. I don’t use anywhere near 20GB of storage, so the free plan is perfect for me. YMMV.
In addition to mega.nz cloud storage, I use Macrium Reflect free (downloaded from the OlderGeeks website – https://oldergeeks.com/). Note that you’ll find the download link for any app on the website at the bottom of the app’s download page. I’ve configured Macrium Reflect to create weekly backup sets, consisting of a full system image, and six differential images. I keep four backup sets so I can access any file I’ve created/modified within the past twenty-eight days.
This is how I back up my computers and make all my files available on all three of my computers (a desktop and two laptops), using both Windows and GNU/Linux on all three. I hope something I’ve written here helps others,
Ernie (Oldster)
One thing not said in this series on OneDrive is that Microsoft can read your files. There are competing services that are unable to read your cloud-resident files.
Microsoft claims not to read your files, in the same way other services claim not to read your files. It’s more about trust than ability.
Encryption will prevent your files from being read by Microsoft, Google, or any cloud sync service. Microsoft even has the ability to read anything on your computer. I “trust” them because of the fines, any company that reads your files would have to pay would put them out of business and land people in jail. I don’t believe a multibillion-dollar company would risk that.
Mark Jacobs: “…put them out of business and land people in jail …” .
Are you new to the U.S. and the way it works?
Heck, not even in the EU. Certainly not Microsoft or Google.
Oh, by the way, Microsoft tells us that it does read your information so that it can improve your experience for features such as Copilot and Recall.
Could you provide a link to where Microsoft says that please?
Leo, you don’t want me to provide you with a website as “evidence”. I’ll explain.
First about Copilot: Please look up my comment on your article “how-do-i-get-rid-of-copilot”. Copilot is a glorified search engine. For it to do it’s glorification it needs you to be logged into your Microsoft account so it can look into your emails, messages, 365, OneDrive, etc. Google it.
As for Recall, I shouldn’t have to tell you that Recall looks into your screenshots of everything. What matters is that Microsoft collects the information, not what they claim they do with it (today). Microsoft does say that Recall uses Copilot to search through the Recall data. Remember that Recall was originally developed to collect information and share it with Microsoft. It boils down to trust and looking at the trajectory (history) of money-motivated business decisions. You choose to believe and trust. I don’t. No Microsoft statement today is going to change that. If you choose to believe these data gathering activities are innocuous, non-invasive, harmless, and will go no further, that’s your prerogative. Give it all away (actually, so will I because I have no choice if I want to use Windows).
You can choose to believe everything Microsoft (or any of the other giants) tells you, but let’s not arbitrarily pick sides. For example, in your article about “why-im-switching-to-signal” you decided that now you don’t trust the claimed privacy and encryption by Whatsapp, Messenger, and iMessages, but suddenly you heard something good about Signal and believe Signal to be trustworthy. How long is that going to last? Where are all your cited websites certifying that Signal to be the gold standard of privacy? Did Signal say that? What made you believe Signal now and stop believing, say Google Messages, even though Google claims privacy and encryption?
The point is that all our allegiances to certain apps or companies are contrived, arbitrary and fleeting. Remember LastPass? Remember the last Windows. We form opinions based on what websites we happen to come across. None of these companies are in business to do you or me a favor.
So, providing you with specific websites is silly, even if it’s a Microsoft website. Firstly, I don’t have time for a new research project to recover everything I’ve come across online. Secondly, no matter what website I provide you it’s not going to convince you of anything, because you believe what you believe, as I do with my skeptical beliefs.
A small correction. Signal is open source. You can trust and verify it.
I think you’re kinda missing my point.
I hear from dozens of people every day screaming that Microsoft/Google/NSA/TLA/whatever is now, currently, actively, stealing, scanning, collecting their personal data. I just want evidence, that’s all. I don’t want to feed unnecessary paranoia. There is SO MUCH UNWARRANTED PARANOIA, I want data. It’s who I am. Provide proof. Provide evidence. (Burden of proof remains on those making claims. “The burden of proof is usually on the person who brings a claim in a dispute. It is often associated with the Latin maxim semper necessitas probandi incumbit ei qui agit, a translation of which is: “the necessity of proof always lies with the person who lays charges.”” – Wikipedia)
Recall’s a great example. IT IS NOT collecting data on machines, UNLESS: that machine is a CoPilot+ machine, AND the owner of that machine has turned it on. I choose to believe that, because if it were not true, then there would be serious blow back when (not if) that was discovered. If there is proof, I want to see that proof, not just “concerns”, “I don’t trust”, or “based on their reputation” statements. Hell, if there is proof I want to be part of the blowback.
I want people to be concerned about (and act on) actual, not imagined threats. “Actual” implies proof, or some other official statements of behavior.
Signal’s another great example. Most people don’t need it. Many people do. I’m sure you’ll agree that there are absolutely cases of formerly secure apps (Telegram) handing over information, and other cases of the parent companies (Meta) not protecting our privacy as they should. There are people in sensitive positions who should absolutely not be using Telegram or Messenger or WhatsApp or SMS to communicate. Signal is, currently, secure. Open source and with no data collection whatsoever. For those people who need it, it’s a viable solution today. (One of several, as people keep pointing out.)
My reason for Signal is simply this: there is evidence that it’s necessary for certain classes of people today. There is evidence that some governments and organizations are actively attempting to reach further into their employees and citizens lives. Based on the trends shown by that evidence, it seems prudent to at least have the discussion so people can make decisions for themselves.
Could Signal ever be compromised? Of course. ANYTHING is possible at any time. All we can do is make the best decisions with the information (aka evidence) we have at the moment. If you constantly expect and believe the worst, then I don’t see how there’s any way for you to even be online.
Current evaluations of Signal from trusted third parties include the EFF, a 2016 security audit by International Association for Cryptologic Research (https://eprint.iacr.org/2016/1013.pdf), Edward Snowden (https://x.com/snowden/status/1347217810368442368), the US Senate Sergeant at Arms in 2017 (https://www.zdnet.com/article/in-encryption-push-senate-approves-signal-for-encrypted-messaging/), many (MANY) major news outlets offering Signal as a method to securely contact them, the EU Commission (https://www.politico.eu/article/eu-commission-to-staff-switch-to-signal-messaging-app/), and so on. I consider that to be quite the collection of positive endorsements.
That possibility is why I use Cryptomator. Files in my OneDrive folder I consider to be sensitive are kept in a Cryptomator vault.
If you choose to use it, be aware that moving files into the vault will set off all kinds of ransomware warnings from Microsoft as Cryptomator encrypts those files.
I’m more concerned that someone, somehow gains access to my Microsoft account than Microsoft being able to read my files. And my Microsoft account is locked down six ways to Sunday.
What if you already enabled the OneDrive backup feature. How to safely turn it off?
Leo, have you ever tried to ‘download’ large files from OneDrive to a device or any external media connected to it, so you have another physical copy? It can take ages, even days sometimes and download speeds can crawl to zero. Now I wonder why that might be..
I do this often, and without noticeable speed issues. Not sure what to tell you.
After resisting for a long time due to not understanding how it worked, I gave in and allowed OneDrive to take over my Documents, Desktop and Pictures folder, disabled files on demand, and it works for me. I backup OneDrive online with IDrive, and locally with Reflect image backups. The 1TB that comes with MS365 Business Standard is plenty.
My DOD-related company started mandated use of OneDrive in October-2024 to “enhance security” and data control IAW with “DOD cyber-security requirements.” I can no longer readily, quickly, or easily access, read, or print my (many!) work-related files, nor download them to another machine. In essence I have lost contol of MY DATA. I therefore deleted ALL files and directories on my company machine. I now use it only to access work-related email on their now “very secure” system and network. And I now use a local non-company machine to do all my work. I periodically — every few weeks or so — copy all my directories and files to an external hard drive as protection/backup. It’s your choice on how you want to access, save, and protect YOUR data. And who you want to trust with it. In my case “cyber security” has effectively prevented job accomplishment on company-related machines and networks (both on my company machne/network and those of my prime DOD contractor). There are “work-arounds” such has putting your data, VMs, scripts, etc. on a locked-down, PW-protected and comapny-approved external hard drive or SSD. Good luck with the latency!
I understand your dilemma and I sympathize. But you just lost your deniable credibility.