Where to keep your files: OneDrive, SharePoint, or Teams?
There are often many ways of doing the same thing in Microsoft 365, and the truism holds for organizing files as well. With OneDrive for Business (aka "OneDrive"), SharePoint Online, and Microsoft Teams to choose from, how does one decide? In this article we'll work through the similarities, differences and best practices for both internal sharing with colleagues, and external sharing with guests.
What do OneDrive, SharePoint and Teams have in common?
First, let’s cover what is the same or similar between the apps. With OneDrive and SharePoint, both make it possible to create a file repository that we can refer to as a “drive.” And in both cases, when someone is granted access to a drive, they can Sync that drive to their laptop or workstation where it appears in a separate group in File Explorer, i.e. one group displays your SharePoint drives or libraries, and another contains your OneDrive files. If you’ve ever used a network file share or had a “mapped drive” in the past, the experience is similar; files can be opened, moved, shared, etc. without ever leaving File Explorer. (See also: Sync SharePoint and Teams files with the OneDrive sync app)
Microsoft Teams adds a wrinkle but it's an easy one. When you make a "Teams team" you also get a SharePoint site. That site includes the same standard Document Library you get with any other SharePoint Site, but with a folder called "General". When your team is open in Teams, the Files tab leads to that General folder. Once inside the Files tab, you see the option to "Open in SharePoint," as well as the link to "Sync" this folder to your local machine. Therefore, Teams files are SharePoint files. Now that we know our decision is really between OneDrive and SharePoint, what goes where?
When to use OneDrive
OneDrive is where personal files are stored. Think of it as a “My Documents” location that is automatically backed up to the cloud - in fact in Windows 10, OneDrive wires itself to My Documents to do exactly that. While a OneDrive file or folder can be shared with colleagues, this soon creates many permissions to manage and potentially audit. When (x) people share with (x-1) colleagues who are also sharing with their colleagues, an exponential number of shares is potentially created. In orgs with more than ~40 people this “proliferation of permissions” can become unmanageable in a few months, so it is important to think about and establish governance early.
Since each OneDrive belongs to a person not a team, if they are often used for sharing with one's teams, they become a difficult migration exercise when someone who hosts many shares leaves the company. OneDrive ownership is not simply transferred. When a user is deleted from AAD, you have the option to assign their OneDrive to someone - typically their manager - for a 30 day period (Further reading: OneDrive retention and deletion). If your org simply removes the license or places deleted users in a "Deleted Users" OU, then the OneDrive persists and you will need to work out your own steps to recover that storage. Taken together, the recommendation is to use OneDrive as you would “My Documents,” for personal files and drafts not yet ready to share with a wider team.
When to use SharePoint or Teams
For sharing and collaborating with a team, SharePoint sites or Microsoft Teams are more appropriate that OneDrive. A SharePoint site has an owner and an optional secondary owner, and ownership can be changed without anyone losing access to the content and permissions managed by the previous owner. Whether you use the other features of the SharePoint site or not, it is simply the best option for sharing files among a group of people and managing their permissions.
How to decide between SharePoint and Teams? This decision really depends on where you encourage people to do their work. If you've rolled out Teams for meetings and real-time chat, then it makes sense to create a team. If not, then SharePoint will work just fine. If and when you adopt Teams, you can either "Team-ify" your SharePoint sites, or add a Tab to any Team linking it to an existing SharePoint library. Just be sure everyone on the team is granted appropriate permissions to the library.
External Access
External, or "Guest" access is when files or folders are shared with someone outside your company, using their own work email address. Guest access does not require any additional licenses, and you can have as many guests as you like. Each guest uses their own work address to sign in. When a guest's work account isn’t hosted on M365, they will be asked to create a password for future use.
Either SharePoint or Teams can be used to share files and folders with guests, and how permissions are assigned for doing so should be a part of the planning conversation. Again, it helps to think about how permissions might be periodically (if ever) reviewed. A simple rule-of-thumb is that if you're willing to spend the time and resources to audit it, open it up. If not, lock it down.
If per-team or per-function scenarios are more likely (think: sharing reports with board members, or financial records with auditors, or a project site with contractors) then SharePoint is probably the right choice to open up and manage external sharing.
Whenever I work with a client to plan guest access, we work through a standard set of questions, for example:
Will you require users to login to see what you’ve shared with them? Recommended: yes, require a password.
Do guests need to use the same email address that they were invited with? Recommended: yes, do not allow invitations to be forwarded.
Can users from any domain be granted access, or must their domain first be added to an “allowed” list? Recommended: Use an “allowed” list and avoid social media domains (Hotmail.com, Gmail.com, etc.).
Do I want guests to be able to Sync a drive or folder to their local machine the way that internal users can? The answer should depend on how far you trust your business partners to keep their laptops secure.
Do I want to protect files from being opened, copied, printed or shared when they're stored offline? Applying Information Rights Management (IRM) to files is a whole other conversation with governance, licensing and planning implications, but for some industries and companies it's a must-have.
This should get you started with planning document management with OneDrive, SharePoint and Teams. Questions and feedback are welcomed in the Comments. If you would like help planning and implementing a document management policy for your organization, do reach out, it would be great work with you.
OneDrive: Behind the scenes
This extra bit of info isn't important for policy planning, but it's good to know for the IT Ops admins and Enterprise Architects in the crowd. Behind the scenes, OneDrive is also a SharePoint library. If you've around since SharePoint's on-premises days you will recall the "My Site." This was a SharePoint site with a special template that was created automatically when someone logged into SharePoint for the first time. OneDrive URLs are the giveaway:
- https://contoso-my.sharepoint.com/personal/eli_contoso_com/_layouts/15/onedrive.aspx
Site served from a separate "domain-my" web application? Check. Managed path of "personal?" Check. Option chosen to include the full account and domain name encoded to avoid collisions? Check and triple-check. OneDrive UI page served from _layouts so it can be served in all web applications? Okay that's new.
So what happened to the My Site? In a nutshell, My Sites were always difficult to explain and harder to manage, so they evolved into Profile pages without any real options for customization, and the My Site's DocLib became the user's OneDrive. That should be all you need to know to better understand how to work with OneDrives with one caveat: always start with the out-of-box OneDrive options and their UI equivalents before you start treating these as regular SharePoint sites, because they aren't exactly regular sites.
In closing
Hard to believe it's been over half a decade since my last post. The M365 community has grown to the point where I can answer most client questions with a conversation supported by a few links. Only a few areas remain that aren't as well-covered and this happened to be one. Still, I think I should be writing more. "Practical M365 Governance" seems to be the right label to put on posts about my experience in guiding SP and now M365 implementations for large organizations over the last 15+ years. Thoughts? Comments? Any WordPress or Orchard design experts out there who can lift page beyond it's current "Hello World" aesthetic? See you in the comments.