The simplest way to manage security and permissions in SharePoint Online is to use the Office 365 Admin center. SharePoint administrators can create user groups to control access, selecting which users can see, view and/or edit specific sites and libraries in SharePoint Online. Adding or removing users from those groups then automatically updates security in SharePoint.
Using this approach to security is primarily aimed at organisations who have bought an Office 365 subscription with SharePoint Online and have no intent to integrate it in any way with an on-premise network, in fact they may not even have an on-premise network.
Navigating the Office 365 Admin center
In the Office 365 Admin center, the valid users of your tenancy are listed under:
- Users > Active users > Licensed users
Groups can be seen in the Admin center under:
- Groups > Groups > Security group
The groups created here then appear in SharePoint Online as a "User" you can add to any of the standard SharePoint groups.
If you want to create and set a new security group:
- Create it in the Office 365 Admin Centre - Groups > Groups > Create a group (of type security group)
- Add users to the group
- Now that the group is created it will act as a regular "User" in your SharePoint Online environment