Secure your information with SharePoint and OneDrive

Today at the SharePoint Virtual Summit, we unveiled the latest innovations for SharePoint and OneDrive, including powerful integrations across Office 365, Windows and Azure – and while we continue to drive forward with a cloud-first, mobile-first vision – security and compliance are at the foundation of everything we do.

Microsoft has been building enterprise software for decades and running some of the largest online services in the world. We draw from this experience to keep making SharePoint Online and OneDrive for Business more secure for users, implementing and continuously improving security-aware software development, operational management, and threat-mitigation practices that are essential to the strong protection of your services and data.

The collaboration landscape has changed. Connectivity is ubiquitous and the ability to work remotely has become an ingrained part of the work practice. People have come to expect to be able to access email and documents from anywhere on any device – and for that experience to be seamless.
While this has been an enormous boost to productivity, it also presents huge challenges for security. Previously, businesses needed to concern themselves with a firewall that ended at the corporate boundary. Now that boundary has shifted to the end user. Businesses need to ensure sure that corporate data is safe while enabling users to stay productive in today’s mobile-first world, where the threat landscape is increasingly complex and sophisticated.


SharePoint Online and OneDrive for Business are uniquely positioned to help you address these evolving security challenges. To begin with, Microsoft has continued to evolve with new standards and regulations. This has been a guiding principle as we think about security for SharePoint Online and OneDrive for Business. Right alongside that principle is this one: There is no security without usability. If security gets in the way of productivity, users will find a different, less secure way to do their work.

SharePoint Online and OneDrive for Business allow your organization to go beyond its regular business rhythms and be nimbler in responding to market changes and opportunities. These solutions enable users to access the files and documents they need wherever they’re doing work, while sharing and collaborating in real-time. And you control and own your data while Microsoft takes care of it – click here to explore the many options SharePoint and OneDrive provide to secure you and your information and then read our eBook Securing your content in the new world of work with SharePoint and OneDrive.

What’s coming next with Administration and Manageability?
In Q4 CY2017 we will begin rolling out the new SharePoint admin center. From the home page, you’ll notice just how much better it is, with interactive activity reports, Message Center posts, and a health dashboard tuned to the needs of SharePoint administrators.


You’ll easily find and work with the dozens of SharePoint settings the service gives you to configure sharing, access, and the service. And we know you’ll love the dynamic new Site Management page, which lets you view, filter, and edit the configuration of all of your SharePoint sites, including sites connected to Office 365 groups.


What’s coming next with Security and Compliance?
The rapidly-changing security landscape means that your organization’s content – its knowledge – is being shared more broadly, and accessed from more devices and more locations, than ever before. We’re committed to the security, privacy, and compliance of your data, and we continuously innovate intelligent ways to protect your content, and to empower you to govern and manage information. Last month we announced label-based classification for information management policies, which enable a more dynamic governance of content across SharePoint, Exchange, and Skype, and Microsoft Teams.

Today we announced upcoming support for customer managed keys. In Q4 CY2017, you will be able to host your own key in Azure. That key be used to further encrypt your data in Office 365, so that should you choose to leave Office 365, you can revoke the key and your data will be inaccessible to the service.

We also announced that conditional access policies will be coming to site collections. These policies allow you to define access based not only on user and permissions levels, but also based on the device , the user, or the location. Conditional access policies can currently be applied to your Office 365 tenant as a whole. In late CY 2017 we will allow you to define these policies at the site collection level, so that you can manage security on a granular, use-case basis.

Watch the short video here that demonstrates and shares more details about these investments and hope to see you at Microsoft Ignite where you can learn more about what’s next for security, compliance, and administration for SharePoint and OneDrive.

Introducing the new SharePoint Admin Center

Today at the SharePoint Virtual Summit, we unveiled the latest innovations for SharePoint and OneDrive, including powerful integrations across Office 365, Windows and Azure.

Innovation in the cloud drives tremendous business value, and it delivers new capabilities to the IT professionals who work tirelessly to support, configure, administer, and secure their organizations’ content and services.

We’ve built Office 365 with global scale, exceptional reliability, and support for compliance across every industry and geography. On top of intelligent security that keeps your service and content protected and private, we give you granular and dynamic controls so that you can manage access and distribution of your organization’s sensitive information. We’ve equipped you with detailed activity and usage reports. And we’ve brought the innovations born in Office 365 to SharePoint Server with out-of-the-box capabilities and connected, hybrid experiences.

While our new user experiences are designed to be simpler, more intuitive, and more powerful we also believe administration should be just as simple, just as intuitive, and just as powerful, and to that, later this year we’re introducing a completely revamped SharePoint Admin center that draws heavily on our modern principles. An administrative console designed to help IT achieve more, so their users can achieve more.

The redesigned “Home” is designed to surface the most important information and quickly help you discover some of the most important information about the service, both its health, and how your organization is using SharePoint Online.


Site Management
Borrowing from the modern List experience in SharePoint Online, the new Site Management page promotes ease of use and flexibility – a one stop shop for viewing and managing some of the most important aspects of SharePoint Online sites.  You can now sort, filter, and discover information about your sites and their activity.


At the foundation of SharePoint is sharing, and we’re bringing sharing controls to the forefront of administration. Closely aligned with the OneDrive Admin Center, our sharing controls are designed to help your users make the most of their work all the while making it easy for you to control the flow of your organizations information.


Device Access
If you’re complacent, you’re likely not compliant – however, we believe compliance shouldn’t get in the way of collaboration and over the past year have introduced several new conditional access policies across user, location, and device pivots to help you secure access to your information. With the upcoming SharePoint Admin Center, you can quickly access and use these policies to address your unique business needs.


To learn more about conditional access in SharePoint Online… or to explore more security and compliance scenarios visit When you’re done exploring, be sure to read our new eBook “Securing your information in the new world of work” at

We’ve taken the many settings available to you for SharePoint Online and grouped and isolated them to simplify how you manage some of the more discrete options for the service and sites.


To see more of the new SharePoint Admin Center check out the video below and to learn more be sure to register for Microsoft Ignite.



File Security in SharePoint Online and OneDrive for Business (Whitepaper)

When choosing a cloud collaboration platform, the most important consideration is trust in your provider. Microsoft SharePoint and OneDrive for Business are covered by the core tenets of earning and maintaining trust: security, privacy, compliance, and transparency. With SharePoint and OneDrive, they’re your files. You own them and control them. The Microsoft approach to securing your files involves:

A set of customer-managed tools that adapt to your organization and its security needs.
A Microsoft-built security control framework of technologies, operational procedures, and policies that meet the latest global standards and can quickly adapt to security trends and industry-specific needs.

These tools and processes apply to all Microsoft Office 365 services—including SharePoint and OneDrive—so all your content beyond files is secure.

Learn more about file security in SharePoint Online and OneDrive for Business in this whitepaper

Conditional Access Policies with SharePoint Online and OneDrive for Business

The days of the corporate boundary beginning at the firewall are over, today’s corporate boundary is the end user.  Connectivity is ubiquitous and with an endless number of devices available, people have an increasing number of options for staying connected at anytime, anywhere.

The freedom to work fluidly, independent of location has become an expectation as has the freedom to access email and documents from anywhere on any device—and that experience is expected to be seamless.  However, data loss is non-negotiable, and overexposure to information can have lasting legal and compliance implications.  IT needs to make sure that corporate data is secure while enabling users to stay productive in today’s mobile-first world, where the threat landscape is increasingly complex and sophisticated.

SharePoint Online and OneDrive for Business are uniquely positioned to respond to today’s evolving security challenges.  As a first step to providing administrators security and control in a mobile and connected world are conditional access policies.  Conditional access provides the control and protection businesses need to keep their corporate data secure, while giving their people an experience that allows them to do their best work from any device.  Conditional access policies with SharePoint and OneDrive allow administrators define policies that provide contextual controls at the user, location, device, and app levels.

In January we made available to First Release Tenants location-based policies which allow administrators to limit access to content from defined networks.  These policies ensure content can only be access when someone is connected to the defined network, denying access outside of that boundary – whether the content is access via a browser, application, or mobile app.

Configuring Location-Based Policies

To configure location-based policies:

Navigate to the SharePoint Admin Center in Office 365 and select device access from the list of available options (see illustration).


On the Restrict access based on device or network location page navigate to Control access based on network location and specify a range of allowed IP addresses (see illustration).



In scenarios where an administrator has also configured Azure Active Directory Premium (AADP) to restrict location access by IP network range, this policy is prioritized, followed by the SharePoint policy; however, the specified ranges should not be in conflict of one another.  To learn more about conditional access in Azure Active Directory see

Conditional access policies are just one of a broad array of features and capabilities designed to make certain that sensitive information remains that way, and to ensure that the right people have access to the right information at the right time.  To learn more about how Office 365 safeguards your data while increasing employee productivity see


Q: Is location-based policy limited to SharePoint Online and OneDrive for Business?
A: Location-based policy, as configured through the SharePoint Admin Center are limited to SharePoint Online, OneDrive for Business, and Groups.

Q:  Is location-based policy available to E3?
A:  Yes.  Location-based policy is available to all SharePoint Online SKUs including E3?

Q:  Does location-based policy require Azure Active Directory Premium?
A:  No, location-based policy does not require Azure Active Directory Premium.

SharePoint 2013 and Office 365 Hybrid

The French philosopher, Henry Bergson, once said “to exist is to change, to change is to mature, to mature is to go on creating oneself endlessly.” While the Nobel Prize winner wasn’t talking about the software and services world, the thought is extremely applicable to technology- from development to administration to use. The adoption of, and change to, cloud computing is maturing at a rapid rate…but the move needs to be thoughtful.

At Microsoft we are truly embracing this change through our cloud first/mobile first mantra and we have seen customer interest grow for all of our maturing cloud services, in a very significant way- from IaaS capabilities in Microsoft Azure, to gaming and entertainment consumption in XBOX Live to our productivity and collaboration solutions for Office 365. In all cases, customers love the time to value, cadence of new and helpful features and predictive costs that the cloud computing offers.

However, we also know that the move to cloud doesn’t happen all at once. In Office 365, we have seen incredible interest and growth for all of our services, including SharePoint Online. To that end, we absolutely recognize customers need to balance their desire to adopt SharePoint Online, while still maintaining existing, on-premises, SharePoint Server investments until the time when they can be migrated to the cloud.

For those customers ready to thoughtfully embrace the change to cloud, we are committed to helping you with our hybrid models and tools so you can leverage the Microsoft Cloud to change your business endlessly. We believe the future of work is how we build relationships, share information, and respond to conditions that can change at a moment’s notice, Office 365 is the cornerstone of our response, and with our current and future investments we’re helping to bring you there with as little friction as possible.

For more information and to understand what hybrid scenarios can do for your business see the following resources:

Check out new downloadable content you can share with your organization at

Learn more about Hybrid Models with SharePoint and Office 365 []

Download Hybrid SharePoint 2013 Resources []

Check back often as we continue to innovate on our hybrid vision to help you realize the best of on-premises and the cloud.