Export (0) Print
Expand All

Office 365 security and compliance

 

Applies to: Office 365 Midsize, Office 365 Enterprise

Topic Last Modified: 2014-07-15

Microsoft Office 365 is designed to help meet your organization’s needs for content security and data usage compliance with legal, regulatory, and technical standards. Setting up policies and enabling services that optimize these conditions is an important part of administering Office 365. To establish a secure and compliant Office 365 work environment that meets your organization’s requirements, you may want to learn more about the staples of security and compliance described in this topic.

The following table describes the Office 365 features that are available to help you with fulfill your organization’s security and compliance needs.

 

Feature Description

Anti-spam and anti-malware protection in Office 365

Office 365 has built-in malware and spam filtering capabilities that help protect inbound and outbound email messages from malicious software and help protect you from spam. You don’t need to set up or maintain the filtering technologies, which are enabled by default, but you can make company-specific filtering customizations.

Archiving in Office 365

Archiving allows you to manage information lifecycle in Office 365 by automatically archiving older and infrequently accesed content, and removing older content after it’s no longer required. It includes In-Place Archiving, Retention Policies, Overview of document deletion policies and Records management.

Auditing in Office 365

You can use the auditing functionality in Office 365 to track changes made to your Exchange Online configuration by Microsoft and by your organization’s administrators and changes made by users to documents and other items in the site collections of your SharePoint Online organization. After you turn on auditing to capture admin and user actions, you can view audit reports and export the audit logs.

Data loss prevention in Office 365

Data loss prevention (DLP) helps you identify and monitor sensitive information, such as private identification numbers, credit card numbers, or standard forms used in your organization. You can set up DLP policies to notify users that they are sending sensitive information or block the transmission of sensitive information.

eDiscovery in Office 365

Electronic discovery, or eDiscovery, is the process of identifying and delivering electronic information that can be used as evidence in legal cases. You can use eDiscovery in Office 365 to search for content in Exchange Online mailboxes, SharePoint Online sites, or both. Using eDiscovery, you can identify, hold, and export content found in Exchange mailboxes and SharePoint sites.

Encryption in Office 365

Office 365 Message Encryption is an easy-to-use service that lets email users send encrypted messages to people inside or outside their organization.

Hold in Office 365

Hold allows you to preserve or archive content for compliance and eDiscovery. Hold includes Overview of hold policies, In-Place Hold and Litigation Hold.

Information management policies in Office 365

An information management policy is a set of rules for a type of content. In SharePoint Online, information management policies enable organizations to control and track things like how long content is retained or what actions users can take with that content. Predefined policies include retention policies, expiring out-of-date content, and auditing of document usage.

You can use site policies to help control site proliferation. A site policy defines the lifecycle of a site by specifying when the site will be closed and when it will be deleted.

Information Rights Management

Information Rights Management (IRM) helps prevent sensitive information from being printed, forwarded, saved, edited, or copied by unauthorized people.

Legacy Exchange Hosted Services

Information about transition from the following legacy Exchange hosted services:

  • Exchange Hosted Archiving (EHA)

  • Exchange Hosted Encryption (EHE)

  • Forefront Online Protection for Exchange (FOPE)

Mobile device management in Office 365

You can use Office 365 to secure and manage any device that uses Exchange ActiveSync to sync with your organization’s email, calendar, contacts, and tasks. Using the Office 365 and Exchange admin centers, you can perform common mobile device management tasks like setting device access rules, viewing device reports, and remotely wiping devices that are lost or stolen.

Transport rules in Office 365

Using transport rules, you can look for specific conditions in messages that pass through your organization and take action on them. Transport rules let you apply your business policies to email messages and they can help you secure messages, protect messaging systems, and prevent information loss. You can use the Exchange Admin Center or Windows PowerShell to manage transport rules.

 
Was this page helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft