Advanced Message Encryption provides policies and branding templates for encrypting email communications with third parties. Additional functionality includes scheduled expiration of access and immediate revocation of access if necessary.
Customer Key lets Microsoft 365 customers add extra protection against viewing data by letting organisations bring their own encryption keys for use in encrypting Microsoft 365 data and meeting regulatory or compliance requirements.
Double Key Encryption for Microsoft 365 uses a key Microsoft stores in Azure and another key the customer holds. Double Key Encryption supports cloud and on-premises deployments.
Information Governance helps to keep what has to be kept and delete what does not using retention policies and retention labels. After a retention policy or retention label time period has passed, the data can be deleted automatically.
Records Management is for content that needs to be defined as a record for regulatory, legal or internal requirements. This places restrictions on the records, logs activities on the item and can provide proof of disposition if records must be deleted after the retention period.
Rules based classification is made up of two components. For Office 365 content, rules based classification can assign a sensitivity label to content when it matches specified rules, so users do not need to classify content themselves. For content on SharePoint Server or file shares, AIP Scanner can be used to scan repositories and if required, classify content that matches specified rules.
Teams Data Loss Prevention extends Data Loss Prevention to Microsoft Teams channel and chat messages (in addition to Teams document storage in SharePoint Online) for licensed users.