Security & Compliance Center
Designed with accessibility and usability in mind, the Microsoft 365 security center, Microsoft 365 compliance center, and Exchange admin center include existing features and new, enhanced experiences for unified security, compliance, and mail flow management across Microsoft 365 services. These new centers will gradually replace the Office 365 Security & Compliance Center (protection.office.com). You can turn on automatic redirection now in the security center or compliance center, so admins in your organization are instantly redirected from features in the Office 365 Security & Compliance Center to the corresponding feature in the new centers.
To see the options for licensing your users to benefit from Microsoft 365 compliance features, download the Microsoft 365 Comparison table.
Security & Compliance Center availability for business and enterprise plans
| Feature | Microsoft 365 Business Basic | Microsoft 365 Business Standard | Microsoft 365 Business Premium | Office 365 E1, Office 365 US Government G1 | Office 365 E3, Office 365 US Government G3 | Office 365 E5 | Office 365 G5 | Office 365 F3, Office 365 US Government F3 |
|---|---|---|---|---|---|---|---|---|
| Access to the Security & Compliance Center | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| Office 365 Cloud App Security | No | No | No | No | No | Yes | Yes | |
| Threat management such as mail filtering and anti-malware | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| Advanced threat management, such as threat explorer for phishing campaigns6 | No | No | No | No | No | Yes | Yes | No |
| Customer Lockbox | No | No | No | No | No | Yes | Yes | No |
| Mobile device management | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| Data loss prevention for Exchange Online, SharePoint Online, and OneDrive for Business7,9 | No | Yes | Yes | No | Yes | Yes | No | No |
| Communication data loss prevention for Microsoft Teams | No | No | No | No | No | Yes | No | |
| Manual sensitivity labels10 | No | No | Yes | Yes | Yes | Yes | Yes | No |
| Automatic sensitivity labels | No | No | No | No | No | Yes | Yes | No |
| Information barriers | No | No | No | No | No | Yes | No | No |
| Information governance1 | Yes11 | Yes11 | Yes11 | Yes | Yes | Yes | Yes | Yes11 |
| Advanced information governance2 | No | No | No | No | No | Yes | Yes | No |
| Content search | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| eDiscovery cases | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| eDiscovery holds (including query-based eDiscovery holds) | No | No | No | No | Yes | Yes | Yes | No |
| eDiscovery export | No | No | No | No | Yes | Yes | Yes | No |
| Advanced eDiscovery5 | No | No | No | No | No | Yes | Yes | No |
| Archiving | Yes3 | Yes3 | Yes3 | Yes3 | Yes4 | Yes4 | Yes | No |
| Alert policies | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| Basic Audit8 | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| Advanced Audit | No | No | No | No | No | Yes | Yes | No |
| Communication Compliance (Supervision policies) | No | No | No | No | No | Yes | Yes | No |
| Office 365 Message Encryption (OME) Basic | No | No | Yes | No | Yes | Yes | Yes | No |
| Office 365 Advanced Message Encryption | No | No | No | No | No | Yes | Yes | No |
| Privileged Access Management | No | No | No | No | No | Yes | No | No |
| Customer Key | No | No | No | No | No | Yes | No | No |
1 Audit logs for all plans that include Basic Audit (except for E5) are retained for 90 days. Because E5 includes Advanced Audit, audit logs are retained for up to one year. Also, you can use the Office 365 Management Activity API to retrieve events from the unified audit log.
2 Requires Office 365 data loss prevention add-on.
3 Sensitivity labels are also included in Azure Information Protection P1 and P2.
Security & Compliance Center availability for standalone plans
| Feature | Exchange Online Plan 1 | Exchange Online Plan 2 | Exchange Online Kiosk | SharePoint Online Plan 1 | SharePoint Online Plan 2 | OneDrive for Business Plan 1 | OneDrive for Business Plan 2 | Skype for Business Online Plan 1 | Skype for Business Online Plan 2 |
|---|---|---|---|---|---|---|---|---|---|
| Access to the Security & Compliance Center | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| Office 365 Cloud App Security | No | No | No | No | No | No | No | No | Yes |
| Threat management, such as mail filtering and anti-malware | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| Advanced threat management, such as threat explorer for phishing campaigns | No | No | No | No | No | No | No | No | No |
| Customer Lockbox | No | No | No | No | No | No | No | No | No |
| Mobile device management | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| Data loss prevention for Exchange Online, SharePoint Online, and OneDrive for Business9 | No | Yes | No | No | Yes 7 | No | Yes10 | No | Yes |
| Communication data loss prevention for Microsoft Teams | No | No | No | No | No | No | No | No | No |
| Information barriers | No | No | No | No | No | No | No | No | No |
| Information governance1 | Yes2 | Yes | Yes | Yes | Yes | Yes10 | Yes10 | Yes | Yes |
| Advanced information governance3 | No | No | No | No | No | No | No | No | No |
| Content search | Yes | Yes | Yes | Yes | Yes | Yes10 | Yes10 | Yes | Yes |
| eDiscovery cases | Yes | Yes | Yes | Yes | Yes | Yes10 | Yes10 | No | No |
| eDiscovery export | No | Yes | No | No | Yes | No | Yes10 | No4 | No4 |
| eDiscovery holds (including query-based eDiscovery holds) | No | Yes | No | No | Yes | No | Yes10 | No4 | No4 |
| Advanced eDiscovery5 | No | No | No | No | No | No | No | No | No |
| Archiving6 | No | Yes | No | Yes | Yes | Yes10 | Yes10 | No | No |
| Basic Audit8 | Yes | Yes | Yes | Yes | Yes | Yes10 | Yes10 | No | No |
| Advanced Audit | No | No | No | No | No | No | No | No | No |
| Communication Compliance (supervision policies) | No | No | No | No | No | No | No | No | No |
| Office 365 Message Encryption (OME) | No | Yes | No | No | Yes | No | No | No | No |
| Office 365 Advanced Message Encryption | No | No | No | No | Yes | No | No | No | No |
| Privileged Access Management | No | No | No | No | Yes | No | No | No | No |
1 Information governance lets users create, publish, and manually apply labels to documents; import data using drive shipping or over the network. These features are available in E3 and E5, with only limited availability in E1. For a full list of the features available in E1, E3, and E5, see the detailed Microsoft 365 Compliance Licensing Comparison. (PDF) | (Excel)
2 Requires purchase of Exchange Online Archiving add-on.
3 Advanced information governance allows you to retain important information and delete unimportant information by classifying information based on a retention or deletion policy or both. It includes intelligent/automated actions such as recommending policies, automatically applying labels to data, applying labels based on sensitive data types or queries, disposition review, and use of smart import filters. It also includes the Supervision feature for reviewing employee communications for security and compliance purposes.
4 Skype conversations are stored as part of the mailbox.
5 Advanced eDiscovery requires Office 365 E5 or an add-on license.
6 Skype archiving is within the user's mailbox.
7 Includes files stored in Microsoft Teams repositories.
8 Audit logs for all plans that include Basic Audit are retained for 90 days. Also, you can use the Office 365 Management Activity API to retrieve events from the unified audit log.
9 Requires Office 365 data loss prevention add-on.
10 Limited to files stored in OneDrive for Business.
11 An Exchange Online Plan 2 or Exchange Online Archiving license is required to place a user mailbox on hold using a retention policy.
Security & Compliance Center availability in Office 365 operated by 21Vianet
Compliance Center is available in E3 plan for Office 365 operated by 21Vianet.
Security & Compliance Center availability in Office 365 Germany
The Security & Compliance Center is available for Office 365 Germany. For information about Office 365 Germany, see Office 365 Germany.