Using Office 365 Compliance Center
Office 365 is a suite of software products that Microsoft offers via a software-as-a-service subscription. The goal of the service is to reduce the IT costs for business implementations. The Security & Compliance Center is an admin center that provides security dashboards for the subscription you purchased. A good way to view the Security & Compliance Center is as a data aggregation site of the different security services in Office 365. The driving factor for Office 365 security features are regulatory standards and user feedback. As an example, services are set up to meet the requirements of the National Institute of Standards and Technology Cybersecurity Framework (NIST-CSF) or the NIST-800-53 compliance standard for government contractors (see the Microsoft Compliance Manager). If you explore the NIST-CSF standard, which is based on the pillars of identify, protect, detect, and response, you will see a detailed relationship with Office 365 security features. As an example, in Figure 6-1, the four pillars are built into Windows Defender ATP (part of the Microsoft 365 E5 subscription) to remediate attacks.