Applies to: Office 365
Topic Last Modified: 2017-04-25
SharePoint Online is a collection of Web-based tools and technologies that help your organization store, share, and manage digital information. Built on Microsoft SharePoint Server 2013, this hosted service is ideal for working on projects, storing data and documents in a central location, and sharing information with others. The following SharePoint features support IT Professionals in securing and managing their organization’s SharePoint environment.
If your company has existing users in a local Active Directory environment, there are tools for synchronizing those users to your Office 365 for enterprise directory. The Office 365 directory then feeds the SharePoint Online user profile. Learn more about Active Directory Synchronization.
Not available to SharePoint Online customers. SharePoint Server 2013 customers can configure alternate access mapping to map requests where the URL of a Web request received by Internet Information Services (IIS) differs from the URL that was typed by a user.
SharePoint Online customers and SharePoint Server 2013 customers can use the Analytics Platform, which replaces the Web Analytics service application, to help identify and surface the content that users consider to be the most useful and relevant. The Analytics Processing Component runs both Search and Usage analytics. Search analytics analyzes content that is being crawled and added to the search index. Usage analytics analyzes user actions on a SharePoint site, such as viewed items. Learn more about the Analytics Platform.
SharePoint Online provides anti-malware protection for files uploaded and saved to document libraries. This protection is provided by the Microsoft anti-malware engine that is also integrated into Exchange. This anti-malware service runs on all SharePoint Online Content Front Ends (CFEs).
Not available to SharePoint Online customers. SharePoint Server 2013 customers configure claims-based authentication for web applications that support SharePoint Server 2013 server-to-server authentication and app authentication. Learn more about claims-based authentication.
Not available to SharePoint Online customers. SharePoint Server 2013 customers can use the Farm Configuration Wizard to configure some SharePoint Server 2013 services automatically. Or they can configure services manually, which gives greater flexibility in designing a logical architecture. Learn more about the Farm Configuration Wizard.
Data loss prevention (DLP) identifies sensitive data stored in SharePoint Online. Identifying sensitive data can help you reduce risks to your organization. You can search for the sensitive information types in your organization using the eDiscovery Center. Sensitive content detections are noted, stored, and only available to approved users in the eDiscovery Center, and the classification results can be easily exported. To learn more about sensitive data types, see Sensitive information types inventory. Learn more about how to Use DLP in SharePoint Online to identify sensitive data stored on sites.
Site owners can perform their own self-service upgrades to their sites, when it is most convenient for them. SharePoint Online also provides new features to support upgrade, such as the health checker and evaluation site collections. Learn more about Site Collection upgrade.
Not available to SharePoint Online customers. SharePoint Server 2013 customers can use the Distributed Cache service to cache feature functionality, which improves authentication, newsfeed, OneNote client access, security trimming, and page load performance. Learn more about Distributed Cache.
There are two levels of encryption at rest for SharePoint Online. SharePoint Online Encryption at rest will provide BitLocker encryption by default on all customer document libraries, users' OneDrive for Business data, and site data that reside in the Office 365 datacenters. Per-file encryption will encrypt every individual file stored in SharePoint Online and OneDrive for Business with its own unique key. SharePoint Online and OneDrive for Business always provide encryption in-transit. To learn more about Encryption at rest, see Innovations in security and compliance.
Not available to SharePoint Online customers. SharePoint Server 2013 site collections can have their own unique host header. Creating a host-named site collection enables organizations’ to host multiple site collections with vanity URLs, which are easier for people to remember.
Three key security elements work together to control user access to sites and site content:
Permission levels (sometimes known as SharePoint roles)
SharePoint groups (or SharePoint security groups)
Learn more about SharePoint permissions.
SharePoint Server 2013 customers can use self-service site creation to configure things such as whether to use a custom form to create the site, whether to create a subweb or site collection, what path should be used when the site collection is created, and whether to ask or require that a site policy be selected when the site is created.
Not available to SharePoint Online customers. SharePoint Server 2013 system administrators can use a Managed Account, an Active Directory user account whose credentials are managed by and contained within SharePoint, to easily manage administrative tasks. That way the fate of your organization’s deployment does not rest on just one person’s account.
The minimal download strategy will use a single .aspx file (start.aspx) for your pages, with the actual URL encoded in the text following the hashmark (‘#’). When moving from page to page, only the changes between two compatible pages will be downloaded. Fewer bytes will be downloaded and the pages will appear more quickly.
You can use Mobile Device Management (MDM) for Office 365 to set device security policies and access rules, and to wipe mobile devices if they’re lost or stolen. You can use MDM for Office 365 to manage many types of mobile devices, such as Windows Phone, Android, iPhone, and iPad. To manage mobile devices used by people in your organization, each person must have an applicable Office 365 license and their device must be enrolled in MDM for Office 365.
Oauth is an Internet protocol for creating and managing app identity. Oauth allows for app identity to be recognized apart from user identity. This cross-platform mechanism means apps can be granted more permissions than the current user has. Learn more about server-to-server authentication.
Not available to SharePoint Online customers. SharePoint Server 2013 updates will be released by using a two-step phase process: patching and upgrading. During the patching steps, new binary files are copied to the Central Administration server. Any services that are using files that have to be replaced are temporarily stopped. There are some instances when a server must be restarted.
Not available to SharePoint Online customers. A quota template consists of storage limit values that specify the maximum amount of data that can be stored in a site collection. When the storage limit is reached, a quota template can also trigger an email alert to the site collection administrator. SharePoint Online administrators and SharePoint Server 2013 farm administrators can create a quota template that can be applied to any site collection.
Not available to SharePoint Online customers. SharePoint Server 2013 administrators can set content databases to be read-only.
Not available to SharePoint Online customers. Remote BLOB Storage (RBS) is an add-on feature pack for Microsoft SQL Server. RBS is designed to move the storage of binary large objects (BLOBs) from database servers to commodity storage solutions. If the content databases in Microsoft SharePoint Server 2013 are 4 gigabytes (GB) or larger, consider using RBS as part of your data storage solution.
Not available to SharePoint Online customers. SharePoint Server 2013 administrators can define rules, by using Request Manager, to do request routing and throttling to improve performance.
Not available to SharePoint Online customers. Request throttling provides SharePoint Server 2013 administrators with options for throttling HTTP requests when front-end web servers become too busy to handle all the incoming requests.
Not available to SharePoint Online customers. Resource throttling provides SharePoint Server 2013 administrators with options for monitoring and throttling server resources and large lists for Web applications. Resource throttling can monitor such resources as CPU, memory, and Wait Time, checking resources every 5 seconds.
SharePoint services can be individually consumed from any Web application. This platform provides the flexibility needed to use services, depending on application needs. Web Analytics is no longer a service application. Analyses and reporting processes were incorporated into the Search service application. Office Online is no longer a service application. Office Web Apps Server is now a separate server product. Depending on what Office 365 plan your organization subscribes to, Office Online may be available to SharePoint Online customers. Learn more about SharePoint service applications.
Not available to SharePoint Online customers. New for SharePoint Server 2013, site collection pre-upgrade health check examines a site collection and then generates a report listing ay potential upgrade issues and how to address the issues. For example, if a file has been customized, it will be flagged, so your organization can identify the custom file and reset it to the default template if the site definition, if you want.
The SharePoint admin center, available to certain SharePoint Online customers only, enables administrators to manage features such as the following:
Business Connectivity Services (BCS)
Managed metadata and the Term Store
Apps for SharePoint
Information Rights Management
Self-service site creation
Learn more about SharePoint admin center.
Shredded storage reduces storage usage and improves I/O performance by reducing how much information is retrieved by the web server from the content database. Shredded storage removes duplicate files and improves data transmission speed.
Shredded Storage can’t be set up by customers in SharePoint Online. Instead, Microsoft sets up and monitors Shredded Storage to optimally account for the scale of a multitenant environment. This helps provide a more reliable experience across the service, and it allows customers to submit feedback to Microsoft that can affect future changes.
A site collection policy can be created in the Site Collection Policies list for the top-level site in a site collection. After a site collection policy is created, it can be exported so that site administrators of other site collections can import it into their Site Collection Policies list. Creating an exportable site collection policy enables SharePoint administrators to standardize the information management policies across the sites in an organization.
Site collection owners or administrators can use the site collection health checker to detect issues with their site collections and address them before upgrading the sites to the new version. Learn more about Site Collection Health Checks.
Not available to SharePoint Online customers. The State Service allows SharePoint Server 2013 customers to check whether all services in their farm are configured correctly.
Not available to SharePoint Online customers. SharePoint Server 2013 administrators can use Central Administration to perform administrative tasks from a single location.
Not available to SharePoint Online customers. SharePoint Server 2013 site collection owners will receive an email message and a status bar notification in a site collection when an upgrade is available.
Not available to SharePoint Online customers. SharePoint Server 2013 customers can recover content from an unattached content database by using Central Administration.
A key benefit of separating the process of upgrading software and data from upgrading sites is that it allows site owners or administrators to run sites in SharePoint 2010 mode until the sites are ready to be upgraded to the latest version. In preparation for upgrading the site, site owners or administrators can request an evaluation site collection, which is a copy of the site, for review purposes. Evaluation sites are set to automatically expire and be deleted. For more information, see Create an evaluation site collection.
Not available to SharePoint Online customers. SharePoint Server 2013 administrators use audit log reports to view the data in the audit logs for a site collection. Learn more about Site Collection audit logs.
SharePoint Online administrators can use SharePoint Online Windows PowerShell cmdlets to script and automate administrative tasks for their subscription, such as the following:
Evaluation for site upgrade
Adding and removing SharePoint users and groups
Recycle bin management
Learn more about how to use SharePoint Online Management Shell.
To view feature availability across Office 365 plans, standalone options, and on-premise solutions, see SharePoint Online Service Description.