RMIT provides staff and students with great tools that enable safe storage, sharing and access to electronic files through OneDrive, SharePoint and MyDesktop.

Storage Rule of thumb
OneDrive: use for me (personal working files), and
SharePoint: use for we (files your colleagues may need access to).

OneDrive file storage

  • All staff and students are provided with an Office 365 licence, which includes cloud storage in OneDrive.  OneDrive is the preferred storage repository for work and study-related draft or work in progress file status.  It offers easy access from any device, including your mobile, eliminating the need to have multiple copies.  Your OneDrive is linked to your e-number so be mindful that if you leave the University, OneDrive files will no longer be accessible to people you have shared files with.  Files requiring long term access by others should not be stored in OneDrive. 
  • To access OneDrive, use your RMIT email address and network password to log in via, then select ‘OneDrive’.



  • SharePoint is a useful site for files that require shared access for a team or workgroup. Every SharePoint site comes with a ‘documents library’ where you can set up folders and manage who can access your team’s files.  
  • Documents containing sensitive information should NOT be uploaded to a site with a ‘public’ setting.
  • Data protection sensitivity labels are also available and, based on the contents of the document, should be applied to every document before you store and/or share data.  Select from Public, Trusted, Restricted, Protected. Click here for more details on what labels must be applied to all data using your RMIT access (staff access only).
  • Before using any SharePoint sites, it is important you undertake learning, so you are aware of the security implications of storing, accessing and sharing files.
  • SharePoint folders can be accessed on your mobile device.
    Download the SharePoint app from the App Store (iOS) or Google Play (Android).

Top tips to ensure your information remains protected and secure in SharePoint

Site Owners

  • Before you create a new site, define the purpose of the site and define who should have access.
  • Know and understand your security and access responsibilities. As a site/folder owner, you are accountable for who has access to your folder and the information it contains. You must regularly review and update who has access to ensure its only given to people who need it.
  • Understand the Site’s external sharing (outside of RMIT) permissions
  • Undertake regular (six monthly) reviews of user access.
  • Have two to three current site owners. This will make access requests and reviews easier to manage.

For more SharePoint site owner tips, click here.

SharePoint User

  • Before you add or access files on any site, discuss with the owners the purpose of the site and understand who will have access to files stored in that location.
  • Make sure appropriate Information Classification labels (Public, Trusted, Protected or Restricted) are applied to all files before they are uploaded.
  • Remember, different areas of a SharePoint site may be accessed by different groups so it’s important to always know where you are uploading a file/folder.
  • NEVER upload sensitive information to a ‘public’ SharePoint site. In doing so, you may give unauthorised people visibility of sensitive data. Documents uploaded to a ‘public’ SharePoint site are accessible to all RMIT staff and students. 


  • When storing files in Teams, remember that they are actually stored in an underlying SharePoint site. Check with the Teams group owners to ensure the site is secure.


  • Use MyDesktop as a secure virtual RMIT desktop for automatic access to your files (and an on-campus experience). Access it from anywhere, from any browser.  Simply go to and log in with your email address and network password. Be sure to disconnect (log off) when you have finished so others can’t access any of your information.

USB/Flash Drives

  • Do not use USB or flash drives. They are easily lost and sensitive information could fall into the wrong hands.
  • Avoid putting someone else’s USB drive into your PC. It may infect your computer with malware.
  • If you find a USB drive in any public place, it’s best to leave it alone.