Retention labels and retention label policies are some of the key facets of the MS-101 Microsoft 365 Mobility and Security exam. They enable organizations to manage and govern organizational data in compliance with industry regulations and internal policies. Implementing these labels and policies requires proper planning and careful execution, with a focus on enhancing data management and security.
Understanding Retention Labels and Label Policies
Retention labels and policies in Microsoft 365 are tools designed to help organizations manage and govern their data. A retention label is a tag that you can apply to emails, documents, and other file types across Microsoft 365 applications. This label determines how long the content will be retained, when it should be deleted and what actions should be taken when it meets its retention deadline.
On the other hand, a retention label policy is a rule or set of rules that automate the application of retention labels to documents and emails based on certain conditions.
For instance, you could create a retention label that instructs Microsoft 365 to delete all emails older than three years and apply it via a label policy that targets all mailboxes in the sales department.
#Creating a retention label
New-RetentionCompliancePolicy -Name "3YearRetention" -RetentionDuration 1095 -RetentionAction Delete -Force
#Creating a label policy and applying it to a group
New-RetentionPolicyTag -Name "SalesDepartmentPolicy" -Type Personal -RetentionId <3YearRetention's ID>
Set-RetentionPolicy -Identity "SalesDepartmentPolicy" -RetentionId <3YearRetention's ID>
NOTE: Remember to replace <3YearRetention’s ID> with the actual ID of the “3YearRetention” policy that is shown in the output of the `New-RetentionCompliancePolicy` cmdlet.
Planning Retention Labels and Label Policies
Now that we understand what retention labels and policies are, let’s explore how to plan for their implementation. Here are some key steps:
- Analyze your organization’s data. Understand what data you have and where it resides. Prepare a data map if necessary.
- Understand the compliance requirements. This relates to the period your data must be preserved due to industry regulations, legal needs, or business needs.
- Identify the retention actions. Decide what happens to the data once it reaches the end of its lifecycle. Should it be deleted, retained in a locked state or moved to another location?
- Plan for exceptions. Identify any data that might require special handling based on its importance, sensitivity, or other factors.
Implementing Retention Labels and Label Policies
The implementation of retention labels and policies in Microsoft 365 goes as follows:
- Create retention labels. Use the Microsoft 365 compliance center to create retention labels specifying retention times and actions.
- Publish the labels. Labels need to be published or applied to content so that they can take effect.
- Create retention label policies. Use the created labels to set up retention label policies that will automate label application based on specified conditions.
- Monitor and review the policies. Regularly monitor the implementation to ensure the policies are correctly applied and review them periodically to verify they still address your organization’s needs.
#Publishing a label
Publish-RetentionCompliancePolicy -Identity "3YearRetention"
#Reviewing a policy
Get-RetentionCompliancePolicy -Identity "3YearRetention" | Format-List
Remember, retention labels and policies should be part of your broader data governance and compliance strategy, not disparate elements that you implement in isolation. Also, these steps only apply if you have the necessary privileges to manage retention labels and policies in your Microsoft 365 organization.
Practice Test
True or False: Retention labels in Microsoft 365 are used to help manage and govern data.
- True
- False
Answer: True
Explanation: Retention labels are a key aspect of data governance in Microsoft They allow organizations to manage how long to retain content, helping to ensure data is properly managed and compliant with various regulations.
Which of the following are ways to apply retention labels to content in Microsoft 365? (Select all that apply)
- a) Manually by users in the product interface
- b) Default labels applied by administrators
- c) Automatically based on conditions
- d) Using third-party software
Answer: a, b, c
Explanation: Retention labels can be applied in multiple ways: manually by users, by administrators as default labels or based on conditions such as the content or metadata of the content.
True or False: A retention policy in Microsoft 365 is what enforces the actions you define in a retention label.
- True
- False
Answer: True
Explanation: A retention policy in Microsoft 365 has the settings that enforce the actions (such as deletion or archival) you define in a retention label.
Which of the following are purposes of retention labels in Microsoft 365? (Select all that apply)
- a) Automatically categorizing content
- b) Determining how long to retain content
- c) Deciding when content can be deleted
- d) Sharing content with external users
Answer: b, c
Explanation: Retention labels in Microsoft 365 are used to manage the lifecycle of content, including how long to retain it and when it is eligible for deletion. They are not used for categorizing content or controlling the sharing of content.
An organization can have multiple different label policies. True or False?
- True
- False
Answer: True
Explanation: An organization can have multiple label policies, each with different settings and applied to different users.
Retention labels are available in Microsoft 365 E5 plan only. True or False?
- True
- False
Answer: False
Explanation: Retention labels are available in various plans of Microsoft 365, not just E
What does a retention label policy specify in Microsoft 365?
- a) Where to store data
- b) Who can access data
- c) The action to take when data reaches certain age
- d) What type of data to store
Answer: c
Explanation: A retention label policy in Microsoft 365 specifies the action to take when data reaches a certain age, such as delete or archive.
Retention label can be applied to datasets. True or False?
- True
- False
Answer: True
Explanation: Retention labels can be applied to different content types, including datasets.
Retention labels can be only manually applied by users. True or False?
- True
- False
Answer: False
Explanation: Although users can apply retention labels manually, retention labels can also be applied automatically or as a default label by administrators.
Retention labels in Microsoft 365 do not play any role in ensuring data compliance. True or False?
- True
- False
Answer: False
Explanation: Retention labels play a significant role in data governance and compliance by managing how long content is retained and when it can be deleted.
Interview Questions
What is the use of retention labels in Microsoft 365?
Retention labels in Microsoft 365 are used to classify data for governance, enforcing rules for retention, deletion, and more. They provide a solution for data governance across the organization by helping to keep necessary data and remove data that is considered a liability.
What is a retention label policy in Microsoft 365?
A retention label policy in Microsoft 365 is a distribution mechanism which allows you to push labels out to specific locations. Policies can be applied to all locations or specific ones such as Exchange email, SharePoint sites, OneDrive accounts, and Office 365 Groups.
How are retention labels different from retention policies in Microsoft 365?
While both are used for data governance, the main difference is that retention labels allow for user-driven, manual classification and can be applied to a single item like an email or document, whereas retention policies are applied at a site or mailbox level.
Can you modify or delete a retention label after it has been published?
Yes, you can modify or delete a Published label. However, the changes will not retroactively apply to the content that was already labelled. The changes will only apply to content labelled moving forward.
What are the steps to create a retention label in Microsoft 365?
The steps include: Navigate to the Microsoft 365 Compliance Center > Click on Information governance > Retention > Create label > Enter details > Review your settings > then Create the label.
What is the role of auto-apply retention labels in Microsoft 365?
Auto-apply retention labels allow you to classify data at scale and apply retention labels to content containing sensitive information or to within the vicinity of a specific date range.
What happens when there’s a conflict between retention labels and retention policies?
If there’s a conflict, the retention label in Microsoft 365 takes precedence over a retention policy. The content will not be deleted until both the retention policy and retention label allow it.
Can retention labels be applied to both structured and unstructured data?
Yes, retention labels can be applied to both structured data such as database content and unstructured data such as emails and documents.
What happens when a retention label is applied to an item in Microsoft 365?
When a retention label is applied to an item, it imposes actions to be taken after a specified period. These actions can include moving the item to a different location or deleting it.
What steps should be taken to publish a retention label?
To publish a retention label, navigate to Microsoft 365 Compliance Center > Information governance > Retention > Publish labels or label policies > Choose labels to publish > Choose locations where the label will be published > Name your policy > Review settings > Publish.
Can you apply multiple retention labels to an item in Microsoft 365?
No, you can only apply one retention label to an item in Microsoft 365. If a new label is applied, it replaces the existing label.
What happens if a labelled item is modified in Microsoft 365?
If a labelled item is modified, the retention period restarts. For example, if there is a 7-year retention label on a document and it’s modified 5 years in, the retention clock resets back to 7 years.
Can retention labels automatically classify and label data?
Yes, if coupled with auto-apply policies, retention labels can automatically classify and label data based on certain conditions, such as keyword queries, sensitive information types, or machine learning classifiers.
Can retention labels be used in Outlook?
Yes, retention labels can be used in Outlook for both email and document retention. Users can apply these labels manually or they can be auto-applied using policies.
Can end-users see and apply these retention labels?
Yes, end-users can see and apply retention labels to their documents and emails if those labels are published to the locations they have access to.