The world of SharePoint compliance and records management became more complicated as we moved to Office 365. Instead of records centers, we have labels, and it can be difficult to understand how exactly to stay in compliance. In this session, we will review the compliance features in Office 365, including Advanced Data Governance, Labels, and Retention Policies. We will then compare these features against common records management and compliance business requirements to see how they stack up.
4. Labeling
Classify data across
your organization for
governance, and then
enforcing retention
rules based on that
classification.
Retention
Ensures that you retain
content as long as
required but no longer
than that.
Supervision
Define policies that
capture email and 3rd-
party communications
in your organization so
they can be examined
by internal or external
reviewers.
5.
6.
7. Labels classify documents and can apply
retention. They can do the following:
• Delete content automatically.
• Retain content for a specific time period.
• Delete content once the retention period has passed.
• Trigger a disposition review
• Do nothing.
• Start the retention period from when content was
created, last modified, when the label was applied, or
when an event occurred.
8.
9. Can be deployed to specific locations or the entire organization.
Entire
Locations
Include
or
Exclude
All Locations
SharePoint OneDrive for Business Groups Exchange Email
Sites
(up to 100 sites)
Accounts
(up to 1000)
Groups
(up to 100)
Recipients
(up to 1000)
10. Auto-applied based on sensitive information types
Auto-applied based on a search query
Auto-applied based on a document library location
11. When you create
auto-apply labels for
sensitive information,
you see the same list
of policy templates as
when you create a
data loss prevention
(DLP) policy.
12. Query-based labels use the Content
Search feature in the Office 365
Security & Compliance Center to
identify content.
You can search for a word or phrase
and use operators such as AND, OR,
and NOT.
13. Can only apply a default label to a
document library
Items inside a document or folder
set do inherit the default label
If you move an item with a default
label from one library to another
library with no default label, the
old default label is removed
14. A label that classifies
content as a record
needs to be applied
manually; it cannot
be auto-applied
For SharePoint
content, any user in
the default
Members group (the
Contribute
permission level)
can apply a record
label to content
Only the site
collection
administrator can
remove or change
that label after it's
been applied
If a label is a record
it locks the item so it
cannot be edited
15. For SharePoint
content, any user in
the default Members
group (the Contribute
permission level) can
apply a label
to content
16. If there are multiple rules that assign an auto-applied label and
the content meets the conditions of multiple rules, the label for
the oldest rule is assigned.
PERIOD. NO OTHER OPTION.
17. Create label and choose event type
Publish label and add event ID to content
Create and trigger the event
20. If the label is… Then the label policy can be applied to…
Exchange SharePoint OneDrive Groups
Published to end users X X X X
Auto-applied based on sensitive
information types
X X
Auto-applied based on a query X X X X
21. PROS CONS
Use to identify and action sensitive
content
Application of Label can be 1-7 days
Provides real time classification
of content
Use for high-level classifications No hierarchy of labels Can prioritize labels
A label can be used by RecordPoint to
refine a classification
Generic functionality that doesn’t meet
local standards
Has localized certifications
Need to have an E5 license for
automatic labelling
Can use an Office 365 label as input
No automatic labelling for records Works with any Office 365 license
Have to apply document library labels to
each location
Automatic labelling of records and
content across multiple sources
Can only manage Office 365 content
Can apply classifications from a
central location
22.
23.
24. A Retention Policy is separate from a label.
It can do the following:
• Delete content automatically.
• Retain content for a specific time period.
• Delete content once the retention period has
passed.
• Do nothing.
• Start the retention period from when content
was created or last modified.
25.
26. Entire
Locations
Include
or
Exclude
Exchange Email and Public Folders, SharePoint, OneDrive, and Office 365 Groups
SharePoint
OneDrive
for
Business
Groups
Exchange
Email
Sites
(up to 100
sites)
Accounts
(up to
1000)
Groups
(up to 100)
Recipients
(up to
1000)
Skype for
Business
Teams
Channel
Messages
Exchange
Public
Folders
Teams
Chats
27. Retention wins over deletion
Longest retention period wins
Explicit inclusion wins over implicit inclusion
Shortest deletion period wins
28. 1. If the content is modified or deleted during the retention period
2. If the content is not modified or deleted during the retention period
2
1
Preservation
Hold Library
Document
Library
First-Stage
Recycle Bin
Second-Stage
Recycle Bin
Cleanup
Retention Period
User Purge Cleanup
Permanent
Deletion
Permanent
Deletion
93 Days
7 Days
29. 1. If the content is modified or permanently deleted by the user during the retention period
2. If the content is not modified or deleted during the retention period
2
1
Recoverable
Items Folder
Email or
Public Folder
Cleanup
Retention Period
Permanent
Deletion
Permanent
Deletion
14-30 Days
14-30 Days
Cleanup
30. PROS CONS
Simple content clean-up for
non-records content
Keeps documents for 93 days after
disposition approval
Dispose of document immediately
on approval
Covers Skype for Business, Teams
Conversations, and Exchange
Content
No certification of destruction
Provides a fully auditable
certification of destruction
Can’t manage SharePoint on-
premises
Can manage multiple on-premises
and cloud content sources
Legal hold integrates with Office 365