Sergio Zuniga May 25, 2021 6 min read

What's New in Security and Compliance in SharePoint

As our lifestyles and work environments evolve, so does the way we approach technology and use digital platforms. From critical business data to customer's personal info, everything is stored in hi-tech systems that need constant protection from growing security threats.

Microsoft takes an innovative approach to privacy, compliance, and cybersecurity for remote workers.  

Read ahead to find out the innovations happening in security and compliance in SharePoint, Teams, and OneDrive to help you govern and secure your data while working remotely.

Secure External Collaboration

Access to Governance Insights

With the digital transformation and global expansion of your organization, the magnitude of your sensitive data shared externally also increases. Admins can access SharePoint's governance insights dashboard and oversee the policy settings and external shares for valuable sites.

Such insights help validate sites with sensitive documents and define access policies for the shared content.

Comprehensive Sharing Policies

You can apply the sensitivity labels provided by Microsoft Information Protection (MIP) to SharePoint Team or Site. Then associate it with privacy policies to secure all types of sensitive content on there.

Protection of Encrypted Files

Microsoft aims to expand its MIP journey and protect sensitive data while also creating a better productivity experience for users. In 2020, MIP sensitivity labels for OneDrive, Teams, and SharePoint's Office files became available for everyone. These included high productivity experiences, including Microsoft 365 app's coauthoring on the web like Excel, PowerPoint, and Word.

The AutoSave and coauthoring features can also be used on encrypted and labeled Microsoft 365 files on both Windows and Mac, allowing more users to coauthor a secured file and maintain its protection. Additionally, users can avoid manual file saving, increasing their productivity.

Files Collaboration

SharePoint enhances Microsoft Team's file collaboration service, and now Microsoft Teams Connect is here to simplify the partnership between teams and people throughout firms.

Admins can control their firm and dictate how external users access Team's data and information.

Comprehensive Compliance

Information Barriers

Admins can block collaboration and communication between user segments.

They can access the information barriers compliance report and view a site's compliance status using SharePoint admin PowerShell cmdlets. Furthermore, owners of SharePoint Site can use the Site Information pane to include explicit segments.  

Teams Multi-Geo Support

While OneDrive, Exchange, and SharePoint already support multi-geo, enabling users to fulfill their data residency requirements, Teams Multi-Geo extends that support.

Ignite can show more of Microsoft Team's compliance, privacy, and security features, such as Disable attendee in video meetings, end-to-end encryption of Teams calls, Invite only meetings, etc.

Securing access with contextual and conditional policies

Securing Sensitive Sites

It is becoming normal to allow user authentication and resource access through passwordless technology. You might need more authentication to access sensitive sites depending on their condition and the site's authentication and sensitivity context.

For instance, you need a step-up authentication containing granular policies such as Multi-Factor-Authentication. This is important for sites labeled Confidential as it helps weed out users who have no business being there and their presence doesn't align with the site's access requirements.

There is an addition of MIP labels-based granular restricted access policies to secure OneDrive and SharePoint sites. Admins can add these authentication contexts into the Azure Active Directory customized to meet the firm's security features.

For instance, you have to provide one-factor authentication for Low authentication contexts, but an MFA for High authentication contexts like an IP network location policy or OTP verification. Using this, you can connect authentication contexts with the sensitivity labels in the Microsoft 365 Compliance center.

Users have complete transparency of the complexities of security policies. All they have to do is label the sensitive site appropriately, and all relevant conditional policies will be applied at the backend. It allows users to be productive, facing interruptions only when they have to access sensitive sites requiring additional context and further verifying on-demand.


A growing reliance on remote work environments requires monitoring privacy and cybersecurity. This is the only way for corporate networks, web apps, and websites to avoid any attacks on their security systems so they can continue to work efficiently with their customers and partners.

Microsoft has been at the forefront of technological innovations that help users work in a safe and secure environment, increasing productivity and efficiency.

Head over to Definity First to see how you can use these solutions, work safely and collaborate with others from home.


Sergio Zuniga

Consulting Services VP at Definity First. Over the years I went through the different roles on the technical side until I was seduced by the dark side of business development and sales. I like to help clients from a technical and a business perspective, finding the best solution for their needs.