New Secure SharePoint Online Sites and Files solution for Microsoft 365 Enterprise

The new Secure SharePoint Online Sites and Files solution for Microsoft 365 Enterprise gives you a technical overview and the step-by-step deployment instructions to quickly set this up for your organization:

Here are the main elements of the configuration:

  • There are four types of SharePoint Online team sites—Public, Private, Sensitive, and Highly Confidential— with decreasing levels of ability to invite new members or accept requests for new members and increasing security.
  • For all four types of sites, an Office 365 label gets assigned by default to files in the site.
  • For sensitive sites, a Data Loss Prevention (DLP) policy warns users when they attempt to send a file with the Sensitive Office 365 label outside the organization.
  • For highly confidential sites, a DLP policy prevents users from sending the file with the Highly Confidential Office 365 label outside the organization and a Highly Confidential Azure Information Protection (AIP) label, when applied to a file, encrypts its contents and includes permissions that only allow members of specified groups to open it.

To set this up for demonstration, proof of concept, or dev/test, see Secure SharePoint Online sites in a dev/test environment.

This solution is designed for Microsoft 365 Enterprise E5, a new offering that combines Office 365, Enterprise Mobility + Security (EMS), and Windows 10 Enterprise.

For additional documentation about Microsoft 365 Enterprise, click here.


To join the CAAB, become a member of the CAAB space in the Microsoft Tech Community and send a quick email to to introduce yourself. Please feel free to include any information about your experience in creating cloud-based solutions with Microsoft products or areas of interest. Join now and add your voice to the cloud adoption discussion that is happening across Microsoft and the industry.