Compliance options for Microsoft 365 groups, Teams, and SharePoint collaboration
Microsoft 365 offers a full suite of tools to maintain compliance as your users collaborate. Review these options and consider how they map to your business needs, the sensitivity of your data, and the scope of people that your users need to collaborate with.
The following table provides a quick reference for the compliance controls available in Microsoft 365. Further information is provided in the following sections.
|Retain groups mail and SharePoint content||Learn about retention policies for SharePoint and OneDrive|
|Retain chat and messages||Learn about retention policies for Microsoft Teams|
|Classify groups and teams||Use sensitivity labels to protect content in Microsoft Teams, Microsoft 365 groups, and SharePoint sites|
|Automatically classify sensitive content||Apply a sensitivity label to content automatically|
|Encrypt sensitive content||Restrict access to content by using sensitivity labels to apply encryption|
|Prevent the loss of sensitive information||Overview of data loss prevention|
|Protect sensitive information in chat.||Data loss prevention and Microsoft Teams|
|Define your organization's sensitive information||Custom sensitive information types|
|Restrict communication between user segments||Information barriers|
Retention policies are available to retain or delete items used for collaboration in groups and teams, including files, messages, and mail. Policies can be set to retain and delete, to retain only, or delete only. Information covered by a retention policy is protected in the event that the group or team expires or is otherwise deleted.
Configuring a retention policy for Microsoft 365 Groups covers the group mailbox and the associated SharePoint site and files.
Retention policies for Teams retain chat and channel messages. While chat and channel messages are stored in Exchange mailboxes, they are not affected by Exchange retention policies. You must set your retention policies to apply to Teams chats and Teams channel messages.
User chats are retained indefinitely even if a user account is deleted. If you don't want to retain this data indefinitely, consider using a retention policy to delete user chats after a specified time or include this deletion in your user deletion process.
A single retention policy can be set to apply to Microsoft 365 Groups, Teams chat, and Teams channel messages.
You can use sensitivity labels to govern guest access, group and team privacy, and access by unmanaged devices for groups and teams. By applying the label, these settings are automatically configured as specified by the label settings.
- Use sensitivity labels to protect content in Microsoft Teams, Microsoft 365 groups, and SharePoint sites
You can configure Microsoft 365 to auto-apply sensitivity labels to files and emails based on the criteria that you specify, including detecting sensitive information types or pattern matching with trainable classifiers.
You can use sensitivity labels to encrypt files, allowing only those with permissions to decrypt and read them.
DLP policies can prevent the accidental sharing of sensitive information across SharePoint, Exchange, and Teams. You can create policies that specify actions to take (such as blocking access) based on a set of rules.
DLP in Teams can help protect sensitive information in Teams chat and channel messages by deleting messages that contain sensitive information.
If you have sensitive information that is unique to your organization, such as project code names, you can create your own sensitive information types and apply them to DLP policies to protect content in groups, teams, and Sharepoint.
With information barriers, you can segment your data and users to restrict unwanted communication and collaboration between groups and avoid conflicts of interest in your organization. Information barriers lets you create policies to allow or prevent file collaboration, chatting, calling, or meeting invitations between groups of people in your organization.