Plan for security & compliance

Managing security and compliance is a partnership. You're responsible for protecting your data, identities, and devices, while Microsoft vigorously protects Microsoft 365 services. You can use Microsoft 365 and Enterprise Mobility + Security (EMS) together to help you achieve the appropriate level of protection for your organization.

Tip

If you're not an E5 customer, use the 90-day Microsoft Purview solutions trial to explore how additional Purview capabilities can help your organization manage data security and compliance needs. Start now at the Microsoft Purview compliance portal trials hub. Learn details about signing up and trial terms.

Step 1: Review capabilities

Orient yourself to the information protection capabilities in the Information Protection for Office 365 poster.

Deploy information protection for data privacy regulations with Microsoft 365

Step 2: Check your Secure Score

After setting up your Microsoft 365 subscription, take note of your starting score. Secure Score provides configuration suggestions that you can take to increase your score. The goal is to be aware of opportunities that you can take to protect your environment that won't negatively affect the productivity of your users.

• Microsoft Secure Score

Step 3: Plan access protection for identity and devices

Protecting access to your Microsoft 365 data and services is crucial to defending against cyberattacks and guarding against data loss.

• Protect access to data and services in Office 365

• Secure email policies and configurations

PDF | Visio | More languages

Step 4: Plan data protection based on data sensitivity

Review and plan for file protection capabilities organized by three levels of protection.

PDF | Visio

Step 5: Use the Compliance portal

The Compliance portal gives you a single view into the controls you'll use to manage the spectrum of Microsoft 365 security, including threat management, data governance, and search and investigation.

• Go to the Compliance portal

• Permissions in the Compliance portal

• Add users or groups to a Microsoft Purview built-in role group

Step 6: Use end-to-end security scenarios as starting points

Use these recommended configurations as a starting point for enterprise scale or sophisticated access security scenarios.

• Secure email policies and configurations

• Contoso in the Microsoft Cloud

Microsoft 365 admin centers and dashboards

Configure your security and compliance settings in these admin centers and dashboards to protect your Microsoft 365 environment

Subscription	Management URL	Dashboards and admin centers
Microsoft 365	https://admin.microsoft.com	Microsoft 365 admin center Compliance portal Exchange admin center SharePoint admin center and OneDrive for Business admin center
Enterprise Mobility + Security	https://portal.azure.com	Azure Active Directory Microsoft Mobile Application Management Microsoft Intune
Enterprise Mobility + Security	https://portal.cloudappsecurity.com	Defender for Cloud Apps