There’s a new OneDrive feature rolling out this May that might seem harmless at first but could actually open the door to some pretty serious data leaks if you’re not careful.
Microsoft has introduced a new prompt in OneDrive that encourages users to sync their personal Microsoft accounts on work devices.
On the surface, it just looks like a simple nudge — “hey, want to sync your stuff?” — but if your organization isn’t watching closely, you could end up with users mixing personal and corporate data without realizing it. That’s a risky combo.
This update showed up on the Microsoft Roadmap, and while it hasn’t made big headlines, it’s definitely something IT teams need to get ahead of.
OneDrive Prompts Users to Sync Personal Accounts on Work Devices
According to the latest update on their roadmap, the OneDrive Sync client on Windows can now detect personal Microsoft accounts that were used on a work device — and it’ll prompt the user to sync their personal OneDrive files.
So, if someone logged into their personal Microsoft account on their work laptop at some point — maybe to check Outlook.com or download something from the Microsoft Store — OneDrive might pop up and ask if they want to sync their personal files too.
If they click “Yes,” their personal OneDrive starts syncing alongside their work files.
The real issue? This setting is turned on by default. From Microsoft’s point of view, it might seem like a helpful feature. But for corporate environments trying to keep personal and work data separate, it’s a serious security risk!
⚠️ The Risks of Mixing Personal and Work Files
Allowing personal OneDrive accounts on corporate devices introduces several risks:
- First off, there’s the risk of data leakage. A user could accidentally — or even intentionally — move sensitive business files into their personal OneDrive, completely bypassing your organization’s security controls.
- Then there’s the issue of visibility. Personal accounts aren’t managed under your corporate policies, which means no monitoring, no logging, and no control. Once that data leaves your environment, you’re in the dark.
Even worse, if your organization has strict compliance or regulatory requirements, this could lead to shadow data exposure — and serious compliance violations!
How to Disable Personal OneDrive Sync in Microsoft 365
Thankfully, Microsoft provides Group Policy settings to prevent this, but spoiler alert: only one really matters. Here’s how to enforce them:
1. Use “DisablePersonalSync” – The Essential Policy
This is the real fix. It fully blocks users from syncing personal OneDrive accounts with the OneDrive Sync client — which means no crossover between personal and work files.
Steps to Enable:
- Open the Group Policy Management Console (GPMC).
- Go to: User Configuration → Policies → Administrative Templates → OneDrive.
- Find and double-click “Prevent users from syncing personal OneDrive accounts”.
- Set it to Enabled.
- Click OK to save the changes.
🔔 Heads up: If a user already had personal sync set up, it will stop syncing — but any files they already downloaded will stay on the device. So the earlier you turn this on, the better.
✨ If you do one thing today, enforce this policy.
2. Use “DisableNewAccountDetection” to Hide the Sync Prompt
This one doesn’t block anything! The “DisableNewAccountDetection” setting controls whether users are prompted to sync personal (Microsoft Account) OneDrive files when such accounts are detected on corporate devices.
You can enable this policy via Group Policy Editor or by configuring the registry directly.
👉 Steps to disable OneDrive personal sync prompts
This is more of a band-aid than a fix — helpful for reducing exposure, but not a replacement for disabling personal sync completely.
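To confirm that both policies actually landed on a device, and to catch the personal files left behind when sync was already set up, here is an added audit script (not from the original article or from Microsoft). It assumes the policies are stored under the OneDrive policy registry keys shown and that a configured personal account records its local folder in the Accounts\Personal key as UserFolder; the function names are hypothetical.

```powershell
# Added example: audit the current user's OneDrive personal-sync posture.
# Assumed registry locations for the two policies (not stated on the page).
$PolicyChecks = @(
    @{ Name = 'DisablePersonalSync';        Path = 'HKCU:\Software\Policies\Microsoft\OneDrive' },
    @{ Name = 'DisableNewAccountDetection'; Path = 'HKLM:\SOFTWARE\Policies\Microsoft\OneDrive' }
)

function Get-RegValue {
    param([string]$Path, [string]$Name)
    # Returns $null when the key or value is absent (policy not configured).
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $item) { return $item.$Name }
    return $null
}

function Get-OneDrivePersonalSyncAudit {
    $report = [ordered]@{
        Computer = $env:COMPUTERNAME
        User     = "$env:USERDOMAIN\$env:USERNAME"
    }
    foreach ($check in $PolicyChecks) {
        $value = Get-RegValue -Path $check.Path -Name $check.Name
        if ($null -eq $value)  { $state = 'NotConfigured' }
        elseif ($value -eq 1)  { $state = 'Enabled' }
        else                   { $state = "Value=$value" }
        $report[$check.Name] = $state
    }

    # Enabling the policy stops sync but leaves already-downloaded files on disk,
    # so also look for a personal account's local folder (assumed key and value name).
    $folder = Get-RegValue -Path 'HKCU:\Software\Microsoft\OneDrive\Accounts\Personal' -Name 'UserFolder'
    $report['PersonalFolder'] = $folder
    $report['LeftoverFiles']  = 0
    if ($folder -and (Test-Path -LiteralPath $folder)) {
        $files = Get-ChildItem -LiteralPath $folder -Recurse -File -ErrorAction SilentlyContinue
        $report['LeftoverFiles'] = @($files).Count
    }

    # Only DisablePersonalSync actually blocks sync; hiding the prompt is not enough.
    $report['PersonalSyncBlocked'] = ($report['DisablePersonalSync'] -eq 'Enabled')
    [pscustomobject]$report
}

Get-OneDrivePersonalSyncAudit | Format-List
```

Run it in the user's logon context, since DisablePersonalSync is a per-user policy. A device that reports PersonalSyncBlocked as True with a non-zero LeftoverFiles count still holds personal-account data that needs manual review.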
Bottom Line: The Default Is NOT Safe
Microsoft ships this behavior enabled by default. That means unless you explicitly turn it off, your users are going to start seeing prompts — and some of them will click “Yes” without thinking twice.
If your organization isn’t aware of this or hasn’t configured the right policies, you’re basically giving employees a green light to copy business files to their personal space.
Review and update your Group Policy settings today to ensure your organization’s data remains secure!