Skip to content

Chapter 1


Chapter 2


Chapter 5


Chapter 2


In order to protect data and prevent its disclosure, organisations must respect the standards and regulations in force. To do this, continuity of protection through verifiable controls must be ensured.

Nearly half of companies poorly handle the analysis of exchanged content and the control of internal data leaks.

40% consider as fairly poor, even very poor their ability to examine data 40% before exchanging it. – Source: IDC Compliance Survey for Microsoft – July 2020

This white paper is based on a specific client case:

How can I identify the sensitive information in my Microsoft 365 tenant so I can comply with my Security policy?

An international body with more than 100,000 users and several million documents in the Cloud expressed the need to check the maturity level of its data compliance by completing the identification and classification of its sensitive documents in the Microsoft 365 environment.

The border between safety and security issues is not always easy to distinguish but represents a major element in establishing security and compliance policies. Safety is a set of measures to evaluate and advocate appropriate solutions with the aim of protecting persons inside an organisation. Whereas security encompasses measures to protect the resources of an information system.

The objective of this white paper is to respond to the initial question by using Microsoft compliance tools.