Information technology use policies based on classification of groups, teams, and sites is provided. Example systems may enable information technology administrators to specify which policies may apply based on manual or automatic classification of groups, teams and sites. This may include the ability to specify associated membership, sharing, and access policies, data storage and sharing locations, retention policies for different types of content, and application of various information governance and protection options / requirements. Information technology administrators, who inherently understand the data and information management needs of organizations and members, may define a reasonable set of simplified classification options that information workers can use. Thus, information workers may no longer need to learn the details of data policies. They can simply select the proper data classification, and the security and compliance service may automatically configure the associated groups, teams, sites, and associated data.