Microsoft really 
wants you to turn on "Windows Backup." You've probably seen the prompts—cheerful blue cloud icon, reassuring language about keeping your files "protected" and accessible from anywhere.
Here's what they're not telling you: OneDrive is a sync tool, not a backup solution. And while that might sound like splitting hairs, the difference could cost you everything.
UPDATE: As of October 2025, Microsoft announced that Word for Windows will now save documents to OneDrive by default. Unless you actively change this setting, your Word documents are automatically being stored in OneDrive—whether you intended that or not. Your files are now in the sync-not-backup trap without you even realizing it.
What's the Difference Between Sync and Backup?
Think of it this way:
Sync is like a mirror. Whatever happens on one side instantly happens on the other. Delete a file on your computer? It's deleted in OneDrive. Download a virus that corrupts your documents? Those corrupted files sync right up to the cloud. It's a perfect reflection—for better or worse.
Backup is like a time capsule. It takes a snapshot of your files at a specific moment and stores it separately. If something goes wrong, you can go back to that snapshot. Your backup doesn't care what chaos is happening on your computer right now—it's safely preserved elsewhere.
OneDrive is definitely the mirror. It is decidedly not the time capsule.
(Spoiler alert: There is a solution to this problem. If you just want to know how to properly protect your Microsoft 365 data, skip to the bottom for pricing and details.)
"But Wait—What About File Versioning?"
Fair point. OneDrive does have file versioning (also called "version history"), which keeps previous versions of your files. This can save you if you accidentally delete something or need an earlier version of a document.
But let's talk about the default settings—the ones that 99% of OneDrive users actually have:
Personal OneDrive accounts keep version history for just 30 days. That's it. After 30 days, those old versions disappear forever.
Think about that for a second. If something goes wrong and you don't notice it within a month, you're out of luck. And here's the problem: most people don't regularly check their file versions. Why would you? You're busy. You trust that your files are fine.
Until they're not.
Here's what that 30-day window really means:
- You have to notice the problem quickly. Ransomware encrypted your files three weeks ago but you've been on vacation? Better hope you catch it in the next 9 days.
- You have to know version history exists. Most people don't. They just see their files are gone or corrupted and panic.
- You have to manually restore. Version history doesn't automatically save you—you have to know to go look for it, find the right version, and restore it yourself.
- Versions can be corrupted too. If malware gradually corrupts files over time, you might have 500 versions of corrupted files. Great.
Now, OneDrive for Business accounts can be configured to keep versions longer—up to 500 days if an admin sets it up that way. But that's not the default, and most small businesses are running on the standard settings without realizing it.
Version history is a nice feature. But it's a 30-day safety net with a big "you must notice the problem and know what to do" asterisk attached. That's not the same as a real backup strategy.
Microsoft Says It's Not Their Problem
Don't take my word for it—take Microsoft's. Their Services Agreement explicitly states their position on backups, and it's crystal clear:
Section 4.a.iv.2 - Closing Your Account:
"You should have a regular backup plan as Microsoft won't be able to retrieve Your Content or Data once your account is closed."
Section 6.b - Service Availability:
"In the event of an outage, you may not be able to retrieve Your Content or Data that you've stored. We recommend that you regularly backup Your Content and Data that you store on the Services or store using Third-Party Apps and Services."
Section 12 - Warranties:
Microsoft and its affiliates "MAKE NO WARRANTIES, EXPRESS OR IMPLIED, GUARANTEES OR CONDITIONS WITH RESPECT TO YOUR USE OF THE SERVICES." They provide services "AS IS," "WITH ALL FAULTS," and "AS AVAILABLE."
Read that again: Microsoft explicitly tells you to maintain your own backups. They're not liable for data loss during outages. They won't retrieve your content if something goes wrong.
In plain English: They're not backing up your data. That's your job.
You can read the complete Microsoft Services Agreement yourself at: https://www.microsoft.com/en-us/servicesagreement
The Ransomware Scenario
Let's walk through what happens if ransomware hits your computer:
- Ransomware encrypts all your local files
- OneDrive dutifully syncs those encrypted files to the cloud
- Your "backup" is now encrypted garbage
- Unless you have version history AND it captured clean versions before the encryption AND you catch it within the retention window, you're out of luck
A real backup system would have caught this. It would have isolated copies that ransomware can't touch, stored independently from your computer and your cloud sync services.
So What Should You Do?
I'm not saying OneDrive is bad—it's excellent for what it's designed to do: keep your files synchronized across devices. That's genuinely useful.
But don't confuse convenience with protection. Real data protection requires an actual backup strategy:
- Independent storage that isn't connected to your computer 24/7
- Regular, automated backups that capture your data at different points in time
- Verification that your backups are actually working
- Testing to make sure you can actually restore when you need to
Here's the thing: it isn't about backup, it's about restore. Think of it like a drill bit—you don't want the drill bit, you want the hole it makes. The backup is just the tool. What you actually need is the ability to restore your data when disaster strikes. If you can't restore it, the backup is worthless.
What About Microsoft 365 / Office 365?
This problem extends beyond just OneDrive. As Microsoft announced in October 2025, Word for Windows now defaults to saving documents directly to OneDrive. Your business documents—contracts, proposals, reports—are increasingly living in the cloud by default, often without users even realizing the change has happened.
Microsoft 365 (formerly Office 365) has become critical operational infrastructure for most businesses. Email, documents, spreadsheets, Teams conversations—these aren't just convenient tools anymore, they're the backbone of daily operations. Yet they're all subject to the same sync-not-backup problem.
For businesses relying on Microsoft 365, comprehensive backup protection should include:
- Complete Microsoft 365 backup (email, OneDrive, SharePoint, Teams)
- Independent management separate from Microsoft's infrastructure
- Protection from user error, malicious actors, and Microsoft service issues
- Optional email archiving for compliance and long-term retention
Cole Informatics provides exactly this: independently maintained and managed Microsoft 365 backup solutions with optional email archiving in the same system. It's specifically designed to protect the infrastructure that underpins your business's daily workflow—from threats both external and internal, including Microsoft itself.
Sources on Word's OneDrive default change:
The Bottom Line
Microsoft's "Turn On Windows Backup" prompt isn't technically lying—it's just being very generous with terminology. OneDrive can protect you from some data loss scenarios (accidental deletions, hardware failures), but it's not a comprehensive backup solution.
If your data matters—and it does—don't rely solely on sync tools like OneDrive, Google Drive, or Dropbox. They're part of a good data strategy, but they're not the whole strategy.
Your data is your responsibility. Make sure you're actually protecting it.
Want proper backup protection for your Microsoft 365 data? If you need to backup your business's 365-hosted data—OneDrive, SharePoint, email, Teams, and more—the cost is surprisingly affordable at just $36 per year per user. Reach out to us at info@coleinformatics.com and we'll get you set up.
Have questions about backup strategies or data protection? Feel free to reach out—we're always happy to talk about keeping your business's data safe.
