Microsoft 365 Business Premium security and compliance features

Microsoft 365 Business Premium offers simplified security features to help safeguard your data on PCs, phones, and tablets.

Microsoft 365 admin center security features

You can manage many of the Microsoft 365 Business Premium security features in the admin center, which gives you a simplified way to turn these features on or off. In the admin center, you can do the following:

Additional security features

Advanced features in Microsoft 365 Business Premium are available to help you protect your business against cyber-threats and safeguard sensitive information.

  • Microsoft Defender for Office 365

    Microsoft Defender for Office 365 helps guard your business against sophisticated phishing and ransomware attacks designed to compromise employee or customer information. Features include:

    • Sophisticated attachment scanning and AI-powered analysis to detect and discard dangerous messages.

    • Automatic checks of links in email to assess if they're part of a phishing scheme. This keeps you safe from accessing unsafe websites.

  • The full capabilities of Intune in the Azure portal

    Accessing the Intune admin center in the Azure portal allows you to set up additional security features, such as management of MacOS devices, iPhone, and Android devices, along with advanced device management for Windows, that aren't available through Microsoft 365 admin center.

  • Same Conditional Access as Azure AD Premium P1 plan

    Conditional Access can help protect your organization from sign-in risk, access attempts from an unexpected network or locale, access attempts from risky device types, and so on. Conditional Access policies are enforced after the first authentication is completed, and it uses signals from the first authentication event to determine if the attempted access should be approved, denied, or if more proof (such as a second form of identification) is required.

    The conditional access features included are:

    Other features:

Compliance features

Your Microsoft 365 Business Premium subscription includes features that help you maintain compliance and regulatory standards.

  • Overview of data loss prevention policies (DLP).

    You can set up DLP to automatically detect sensitive information, like credit card numbers, social security numbers, and so on, to prevent their inadvertent sharing outside your company.

  • Exchange Online Archiving

    Exchange Online Archiving license enables messages to be easily archived with continuous data backup. It stores all of a user's emails, including deleted items, in case they're needed later for discovery or restoration. Additionally, you can use different retention policies to preserve email data for litigation holds, eDiscovery, or to meet compliance requirements.

  • Sensitivity labels

    Microsoft 365 Business Premium includes all the features of Azure Information Protection Plan 1. With this plan, you can create Sensitivity labels that allow you to control access to sensitive information in email and documents, with controls like "Do not forward" and "Do not copy." You can also classify sensitive information as "Confidential" and specify how classified information can be shared outside and inside the business. Enterprise-grade encryption is easy to apply to email and documents to keep your information private. You can also install the Azure Information Protection client add-in for Office apps. For more information, see Azure Information Protection unified labeling client. For Sensitivity labels, install the AzInfoProtection_UL.exe.

You can manage these features in the Security & Compliance center and the Intune admin center. Over time the simplified controls will be added to the Microsoft 365 admin center.


Are these security features available in all markets?

Yes, these features are available in all markets where Microsoft 365 Business Premium is sold.

How do I find the Security & Compliance center?

  1. Sign in to Microsoft 365 Business Premium by using your admin credentials.

  2. In the left nav, locate Admin centers and expand it.

    In the left nav in the Microsoft 365 admin center, choose Admin centers.

  3. Choose Security & Compliance to go to Security & compliance center.