Security and Compliance in SharePoint Online and OneDrive for Business
Published Mar 13 2017 03:43 PM 12.9K Views

In today’s complex and regulated environment, businesses need to focus on building more secure solutions that deliver value to their customers, partners, and shareholders—both in the cloud and on-premises.  Microsoft has decades-long experience building enterprise software and running some of the largest online services in the world.  For SharePoint Online and OneDrive for Business we use this experience to implement and continuously improve security-aware software development, operational management, and threat-mitigation practices that are essential to the strong protection of services and data. With SharePoint Online and OneDrive for Business our unique approach to security and compliance encompasses:




  • Platform Security – The processes and infrastructure in our datacenters to keep your data safe.
  • Secure Access and Sharing - The management access and sharing settings to ensure your sensitive data doesn’t leak, based on your needs.
  • Awareness and Insights – Complete visibility to make informed decisions, track, and account for all file activity with full transparency with reports and alerts.
  • Information Governance - Your ability to govern the lifecycle of your data, including deletion and retention policies, eDiscovery, and legal holds.
  • Compliance and Trust – A service that meets the latest compliance standards.  Trust – is about giving you full transparency and visibility into how we treat your data.


Over the past several weeks we've delivered a number of new features and capabilities (with more to come) that align to these pillars.


Secure Access and Sharing

Location and device-based conditional access policies


Awareness and Insights

Hybrid auditing general availability


Information Governance

Unified eDiscovery


In addition, one recent development is the use of graphs for correlation and visualization, supporting the analysis and actions on the output of our intrusion detection systems. To learn more about how we defend Office 365 with Graph Analytics see also


We know that data loss is non-negotiable, and overexposure to information can have legal and compliance implications.  SharePoint Online and OneDrive for Business provide a broad array of features and capabilities designed to make certain that your sensitive information remains that way with investments across our security and compliance principles to include compliance tools that span on-premises servers and Office 365 while providing a balance between enabling user self-service. 


We're continuously working to ensure content usage adheres to corporate policy defending your organization from today’s growing and evolving advanced threats.


To learn more about security and compliance with SharePoint Online and OneDrive for Business:

Read more about how we secure your files at


Review Office 365 Trust where we share our commitments and information about security, privacy, and compliance at


Stay up to date with our security and compliance blogs at and

1 Comment
Version history
Last update:
‎Apr 28 2018 11:55 AM
Updated by: