Read time 4 minutes

Microsoft Office 365 has become one of the most popular platforms for organizations due to its mobility and collaboration features. As everyone knows, the security is a main challenge in a cloud-hosted environment; therefore, organizations need to take special care to secure their data. And Office 365 offers inbuilt capabilities and controls to help businesses meet security compliances.

Microsoft is continuously adding more and more features to fulfill various compliance needs of organizations. There are many things that you can manage with the help of the Security & Compliance Center in Office 365.

Office 365 Compliance Center

Microsoft has integrated many compliance features into Office 365 Compliance center. It acts as a hub for the compliance in Office 365 and allows users to fulfill their legal, regulatory, and technical compliance requirements across Office 365, Exchange Online, and SharePoint Online. Following are the key tasks that can performed from Compliance Center.


The eDiscovery feature is used to search, identify, locate, and retrieve records for legal matters. You can also find and export content from SharePoint sites, Exchange mailboxes, and OneDrive locations. It allows you to analyze large, unstructured data to pinpoint the information that is relevant to a specific legal case. There are specific things that can be searched with eDiscovery tool, such as:
eDiscovery tool

  • Exchange online mailboxes and public folders
  • Skype for business conversations
  • Office 365 Groups
  • SharePoint Online and OneDrive for Business sites
  • Microsoft Teams
Data Governance

The Data governance center allows users to import email from external platforms, create archive mailboxes, and establish new policies to retain email and other content. The various features of Data governance are as follows:
Data Governance

  • Import – The import service allows users to import PST files to Exchange mailboxes.
  • Data Retention – The data retention feature in Office 365 enables you to manage your email lifecycle by retaining the content that is necessary and delete the content which is no longer required.
  • Archiving – The archiving feature automatically moves Exchange online emails to archive mailboxes.
  • Supervision – It makes sure that your emails and third-party communications are compliant with your business policies.
Threat Management

Threat management in Office 365 Compliance helps you secure your business data from data loss and protect from malicious software and spam. It secures your domain’s reputation by identifying undesirable activities from accounts in your domain. Some unique facilities that Threat management provide are:
Threat Management

  • Device Management – Helps in managing and securing mobile devices that are connected to Office 365. You can set device security policies and access rules and wipe data from mobile devices if they’re lost.
  • Anti-spoofing – It protects your domain’s reputation by eliminating unwanted activities from it.
  • Encryption – Secures your data using effective encryption policies and settings.
  • Anti-malware & anti-spam – Protect your Office 365 mailboxes from viruses and spyware by creating anti-malware policies.
Set User Permissions

The Permissions page in Office 365 Compliance assigns specific permissions that are responsible for compliance tasks. Users can access any content or perform a task only if you grant them permissions. Also, users should be a part of Security and Compliance Center role groups like Compliance Administrator, eDiscovery Manager, Organization Management, Records Management, Reviewer, Security Administrator, Security Reader, Service Assurance User, and Supervisory Review.

Office 365 Auditing

The auditing facility of Office 365 continuously logs and reports activities that occur across Office 365 applications like SharePoint, Exchange, Azure Activity Directory, and OneDrive. The auditing facility enhances transparency and allows you to investigate activities, identify risks, protect intellectual property and respond to threats. With Office 365 Auditing you can track, such as:
Office 365 Auditing

  • User activities in SharePoint Online, Exchange Online, and Azure Active Directory
  • User activities in Sway, Power BI, Microsoft Teams, Yammer, and OneDrive for Business

With alerts, you can create and view alerts for specific activities in Office 365. To know more about how alert policies work and how signals are triggered when users activities match the conditions of an alert policy, you can check the below image or visit Microsoft’ Office 365 Alert Policies.


If your organization has to meet compliances, then it’s a good idea to know about Office 365 compliance features and how it can benefit you. For a detailed guide of Office 365 Compliance, you can visit their official website.