Don't use oneDrive to share files for collaboration!

As usual Microsoft terminology and structure makes some things more confusing than they need to be. Microsoft has a tendency to use the same name for multiple different things. So let's define a few things here:

OneDrive - originally a personal library only, attached to a Microsoft Account. Microsoft has expanded the use of this term. OneDrive now refers to (simultaneously):

• Your personal library attached to your personal Microsoft Live account - in a business setting these should never be used. You don't control these.
• Your personal library attached to your business Microsoft365 account
• The tool we use to synch any document library above, as well as sharepoint document libraries to your local computer

Microsoft Group/Team:

• A Microsoft group or team is an organized set of features in Microsoft 365. Creating a group or team creates a shared email address, a separate calendar, a Teams chat space, a oneDrive compatible document library, a oneNote, a planner,
• Access to these features is controlled through group membership by adding or removing users from a group.
• The document library created should be used for all collaborative documents for that team of users.
• Teams should be created by job function, or focus. All your clients. All your HR users, all your accountants, etc.

Sharepoint document library

• Every place where you can store files on Microsoft 365 is a sharepoint document library. Depending on how that library was created it will have different permissions but the underlying mechanism is the same for all document libraries. This includes business personal oneDrives, group libraries and sharepoint site libraries.
• Documents in libraries are auto-versioned - you can roll back the file to an older version easily.
• Documents in libraries go into a recycle bin when deleted, and can be recovered for up to 30 days.
• Documents in libraries can have - if you have the proper licenses - expiration policies attached - individually or by library or by tenant - to autodelete or archive them or retain them for some period of time.
• Any document library you have permission to may be synced using the oneDrive application to your system for offline work.
• In general files in document libraries can be shared using web apps or desktop apps - even at the same time. You can see web-app changes live in real time.

So as such it frequently comes on us to decide where to put a document we're working on:

• In a private oneDrive?
• In a Sharepoint library separate from a group?
• In a group library

In general you should make the choice this way:

• Documents that are shared short-term, or just have one or two people collaborating on CREATING prior to PUBLISHING can be put in oneDrive, as can anything in your my documents or desktop, using backup. But they should be moved to a group or sharepoint library once you put them in production. Production files should not be shared from a OneDrive.
• Documents that apply to a specific group of people but don't need granular permissions (including everyone in the company) that are production documents should be in a group or sharepoint library not a oneDrive.
• Documents that need granular permissions (these users can edit, these users can read, these users cannot access, etc) should be in an independently created sharepoint site and library - not in a group library. Group libraries do not have granular permissions. It's all or nothing.

Sadly Microsoft makes it clear as mud as to which method to use to manage documents for your company. Since most users automatically get a oneDrive, that backs up their My Documents automatically, this is the most frequently used shared space. Users create documents here, send out a share link to others that need it and it all works. BUT - there is a danger here.

Individual user OneDrive files are DELETED PERMANENTLY when the user is deleted. That's right. They go away. And while we all want to think none of our users would leave us - this is almost never the case. Users leave or change companies and if all the files they worked on are in a personal OneDrive, all those links will break when their user account is recycled or it's license is removed. Thus critical production information can be lost.

I just had the perfect example of why NOT to store shared documents in a personal or company oneDrive. OneDrive's are not intended for shared use. They HAVE sharing capabilities, but since the storage is attached to a USER account, not to the TENANT the data literally disappears within 30-60 days after the account is deleted. Once that 30-60 days has passed - it becomes quickly irrecoverable. The problem is that if a bunch of OTHER people use that file they will have no information that it's about to disappear - until it does. We had this happen to a customer with their entire billing information spreadsheet disappearing when the user's deleted account expired. Fortunately we were able to recover it, but only with a LOT of powershell and recovery labor, and only because we discovered it rapidly after the document was deleted.

As an alternative, Microsoft has a robust file storage system for sharing files called sharepoint. It's built into teams and groups, and every tenant has 1TB of shared storage (total across all teams and groups) available (plus a scalable amount of 20gb/user). This is where shared documents belong. When you create a team or group, a sharepoint site and document library are automatically created for you. Storing files here makes them instantlly accessible, without sharing links, to everyone in the group. Adding or removing access to those shared documents is as easy as adding or removing users from and to the group. There is also a tenant wide sharepoint site created for each tenant (and you can create as many more as you like) that has a tenant accessible document library for all users.

Sharepoint document libraries can be used just like oneDrive - sync to your pc, drag and drop using the folder to put files there, add a library or folder to favorites for frequently used documents, use file manager to organize them. But sharepoint files are also VERY robust and have many features:

* Every sharepoint document is versioned - and you can roll back to any version

* Sharepoint documents can be shared just like oneDrive using share links, internally or externally (this is controllable at the tenant level, and individually for sharepoint libraries created outside groups).

* Unlike oneDrive which shares settings across lots of individual repositories, or group libraries which have default permissions for all group members, you can set permissions on specific sharepoint libraries any way you like. Want to be able to have some users read, and others publish or write - you can do that. Want to have a document flow be automatically kicked off when a document is edited or created? You can do that.

In short, using office365 to its fullest means using a thoughtful approach to where to store files, and in general personal oneDrive should be used for document and folder backup, not for sharing files internally.