Data Retention and Destruction in Office 365

As organizations continue to invest heavily in cloud collaboration, the amount of information maintained in the form of documents, emails, or instant messages can balloon rapidly. Moving that data into a single space like Office 365 is a huge win in terms of discovery for admin and litigation teams, and usability for end users, but the incredible amount of space available to users means there’s a larger burden on administrators to ensure that data is both discoverable, and destroyed when it becomes older than the organization’s legal compliance period.

The first part of this is simple. You need to make sure that data retention is configured for your organization. Not only is this handy to meet your compliance requirements, it helps with overcoming the ‘oops’ moment for end users when they accidentally delete data, it enables you to take advantage of inactive mailboxes to save licenses, and it helps recover from malware in your tenancy by leveraging versioning in OneDrive and Teams.

To quickly enable retention, head to the security and compliance center and select ‘Retention’ from the Data Governance panel.


When you elect to create a new policy you’ll be prompted to name your policy and identify exactly what you’d like your policy to do. In this case, we’re electing to retain data for seven years and also delete it after that duration. Depending on your requirements you may opt to maintain the data indefinitely without deleting it, or have a pure data destruction policy which deletes all data after a certain period of time. Note that the advanced options allow you to target specific data types such as personally identifiable information and financial information based on global standards. Additionally you can create your own data tags or policies to enforce there as well if you have a special requirement.


Now that you’ve clarified how long you’d like to keep your data and if you’d like it purged after that period, you need to identify which data locations you’d like to apply that policy to. Note that you’ll need to create two retention policies, one for default locations like OneDrive, Exchange, and Sharepoint as well as a dedicated one for Teams chat and channel chat since Teams stores that data in an Azure chat service.


Now that we’ve ensured that we’ve got our bases covered in terms of data retention we’ll circle back soon to discuss eDiscovery practices, search and destroy of malicious content, as well as leveraging the Threat Explorer in the compliance center to make that process easier.


Leave a Reply

%d bloggers like this: