Plan for security & compliance

Managing security and compliance is a partnership. You're responsible for protecting your data, identities, and devices, while Microsoft vigorously protects Microsoft 365 services. You can use Microsoft 365 and Enterprise Mobility + Security (EMS) together to help you achieve the appropriate level of protection for your organization.


If you're not an E5 customer, use the 90-day Microsoft Purview solutions trial to explore how additional Purview capabilities can help your organization manage data security and compliance needs. Start now at the Microsoft Purview compliance portal trials hub. Learn details about signing up and trial terms.

Step 1: Review capabilities

Orient yourself to the information protection capabilities in the Information Protection for Office 365 poster.

Deploy information protection for data privacy regulations with Microsoft 365

Step 2: Check your Secure Score

After setting up your Microsoft 365 subscription, take note of your starting score. Secure Score provides configuration suggestions that you can take to increase your score. The goal is to be aware of opportunities that you can take to protect your environment that won't negatively affect the productivity of your users.

Step 3: Plan access protection for identity and devices

Protecting access to your Microsoft 365 data and services is crucial to defending against cyberattacks and guarding against data loss.

PDF | Visio | More languages

Step 4: Plan data protection based on data sensitivity

Review and plan for file protection capabilities organized by three levels of protection.

PDF | Visio

Step 5: Use the Compliance portal

The Compliance portal gives you a single view into the controls you'll use to manage the spectrum of Microsoft 365 security, including threat management, data governance, and search and investigation.

Step 6: Use end-to-end security scenarios as starting points

Use these recommended configurations as a starting point for enterprise scale or sophisticated access security scenarios.

Microsoft 365 admin centers and dashboards

Configure your security and compliance settings in these admin centers and dashboards to protect your Microsoft 365 environment

Subscription Management URL Dashboards and admin centers
Microsoft 365
Microsoft 365 admin center
Compliance portal
Exchange admin center
SharePoint admin center and OneDrive for Business admin center
Enterprise Mobility + Security
Azure Active Directory
Microsoft Mobile Application Management
Microsoft Intune
Enterprise Mobility + Security
Defender for Cloud Apps