Office 365 has inbuilt spam and malware protection capabilities for Exchange Online platform. The main advantage of this is admin don’t need to set up any separate filtering feature as it is enabled by default. But in Exchange Admin Center (EAC), admin can create business specific filtering customization.

1. Office 365 Security and Compliance Policies
Most of the companies including small to large business organizations can’t deny the fact that
there can be some risk of cyber-attack which can’t be ignored. The majority of the time it’s hard
to determine how vulnerable they are exactly and what measures can be taken to prevent those
situations. Here is why Microsoft has come up with Office 365 Security and Compliance Policies as
per your organization’s needs. You might like to establish secured policies and services for your
business to cover the majority of the security concerns.
Please find below the available Office 365 features to ensure your organization’s security and
compliance necessity.
Office 365 Security and Compliance Center:
You can set up compliance for Office 365, Exchange Online and SharePoint Online under this
feature. This section has several options. First, you can avail mail archive policy where your
emails will automatically be moved from primary mailbox to archive mailbox after a particular
period of time.
Second, you can automatically manage and secure your organization’s sensitive information with
DLP (Data Loss Prevention) policies which you can create by yourself.
Third, you can grant and deny access to compliance managers in your organization to permit
access of some or all of the compliance features.
Apart from that, you can manage eDiscovery cases, auditing reports, retention and deletion
policies in SharePoint and Exchange Online which are discussed in next points.
Archive Policy in Office 365
This policy helps to automatically remove older and not so frequently accessed information when
they are no longer needed. This includes archiving mailboxes which have been discussed earlier.

2. Next is Retention policy which comes under this section. With Retention policy, admin can allow,
assign, and apply certain policy tags to particular mailbox folders as per requirement. These tags
help to decide how long a particular item should be retained. Also, this feature can be used to
delete less important items like newsletters and notifications after a small period of time.
Another feature falls under this category is Document Deletion Policies. Saving some important
items longer than they require might increase legal risks. With Document Deletion Policies, certain
items will automatically be deleted after the necessary period of time.
Next is Information Management Policy which comes up with the benefits where one can create
set of rules as per the type of content. You can control how long an item should be retained or
what accessibility features should be provided to maintain legal regulations.
The last feature that comes under this category is Records Management in SharePoint Online. This
policy helps you store all your critical files in one centralized place called Records Center Site. A
proper plan is required before creating a records centre where you can rightly configure and
manage your records.
Anti-spam and Anti-malware protection policy
Office 365 has inbuilt spam and malware protection capabilities for Exchange Online platform.
The main advantage of this is admin don’t need to set up any separate filtering feature as it is
enabled by default. But in Exchange Admin Center (EAC), admin can create business specific
filtering customization. Under this policy feature, one can create safe senders list and blocked
senders list by utilizing IP addresses. You can also create a custom filter where you have the
control to give access to specific users or admins. Admin can even send spam and non-spam
messages to Microsoft for security analysis.