Retention policies in SharePoint Online and OneDrive play a critical role in managing organizational data by determining how long to keep the information and what to do with it when the retention period comes to an end. As an Information Protection Administrator, understanding and applying these policies is fundamental.
Understanding Retention Policies
In SharePoint Online and OneDrive, retention policies allow you to:
- Preserve content which is no longer edited but still needed for business or regulatory reasons.
- Delete outdated content that poses a risk to the organization.
These actions ensure data management in the organization remains cost-effective, compliant, and less prone to security threats.
Creating a Retention Policy
Here’s a simple step-by-step guide on how to create a retention policy in the Microsoft 365 compliance center.
- Navigate to the Microsoft 365 compliance center
- In left navigation, choose ‘Information Governance’
- Under ‘Retention’, select ‘+ Create’
- Follow the prompts to label your policy name and the required settings. You can select the retention action to retain and then delete the data after a set period, or just retain without deleting.
- Choose the locations for the Retention Policy. Here, you can specify it’s for SharePoint sites or OneDrive accounts.
- Lastly, click ‘Create this retention policy’.
In terms of location, keep in mind that a Retention policy applied at a SharePoint Site or OneDrive level would cover all content within the site, including files in document libraries, attachments in list items, and files in the site recycle bin.
As an example, let’s create a 3-year retention policy for OneDrive accounts:
IMPORTANT: Please note that some settings, like choosing locations for the Retention Policy, are only available in the advanced retention settings.
– Go to the compliance center, and click ‘Information Governance’ > ‘Retention’ > ‘+ Create’.
– Name the policy “3 Years Retention – OneDrive” and choose ‘next’.
– Under ‘Settings’, select ‘Retain items for a specific period’ and specify ‘3 years based on when it was last modified’. Also, select ‘Delete items when they reach the end of the retention period’ > ‘Next’.
– Under ‘Apply the policy to these locations’, select ‘Choose locations’ > ‘Specific locations’ > select OneDrive accounts > ‘Next’.
– Review your settings and click ‘Create this retention policy’.
Applying Retention Policies
Now, we need to apply these retention policies created to SharePoint Online or OneDrive accounts. Policies get allocated automatically to the user accounts specified when the policy was creating. To ensure that a policy is correctly applied, you need to:
- Validate the policy is deployed correctly. Go to compliance center > Information governance > Retention > locate your policy > click on it. Under policy settings, verify if the policy was applied to your desired locations.
- Verify that the retention label is visible in OneDrive or SharePoint Online locations.
Just remember, retention policies are not retroactive – they won’t apply to content that was created before the policy was in place.
Recap
To summarize, retention policies in SharePoint Online and OneDrive are pivotal components in managing organizational information. By understanding how to create and apply these policies, you ensure data compliance and effective governance, making you a valuable asset in your role as an Information Protection Administrator preparing for the SC-400 exam.
Practice Test
True/False: Retention policies in SharePoint Online and OneDrive can be used to manage the lifecycle of content from creation through deletion.
- True
- False
Answer: True
Explanation: Retention policies allow you to manage content by specifying how long it remains and what happens when it reaches the end of the retention period.
Select all that apply: What can you do with retention policies in SharePoint Online and OneDrive?
- A. Automatically delete content
- B. Automatically preserve content
- C. Automatically create content
- D. Automatically duplicate content
Answer: A, B
Explanation: With retention policies, you can automatically delete or preserve content. Creating and duplicating content is not related to retention policies.
True/False: Retention policies can be applied to individual documents in SharePoint Online and OneDrive.
- True
- False
Answer: False
Explanation: Retention policies in SharePoint Online and OneDrive are applied at the site level, not the individual document level.
What is the minimum retention period you can set for content in SharePoint Online and OneDrive?
- A. 1 day
- B. 1 week
- C. 1 month
- D. 1 year
Answer: A. 1 day
Explanation: The minimum retention period that can be set for content in SharePoint Online and OneDrive is 1 day.
True/False: retention policies apply only to items that users permanently delete.
- True
- False
Answer: False
Explanation: Retention policies apply to items that users delete, not just to items that they permanently delete.
Select all that apply: What happens when the retention period ends for an item?
- A. The item is permanently deleted
- B. The item is moved to a recycle bin
- C. The item is marked for deletion
- D. The item is locked and can’t be edited
Answer: A, B
Explanation: When the retention period ends for an item, it is moved to the recycle bin for deletion, it can also be permanently deleted.
Can retention policies be assigned to specific users in SharePoint Online and OneDrive?
- A. Yes
- B. No
Answer: B. No
Explanation: Retention policies are applied at a site level or to the entire organization and do not target specific individual users.
True/False: When a retention policy and a retention label conflict, the longest retention period prevails.
- True
- False
Answer: True
Explanation: In the event of a conflict, the longest retention period prevails, regardless of whether it’s defined in a policy or a label.
If a retention policy is deleted, what happens to the content the policy was applied to?
- A. The content is immediately deleted
- B. The content remains until manually deleted
- C. The content is marked as outdated
- D. The content is moved to a specific folder
Answer: B. The content remains until manually deleted
Explanation: When a retention policy is deleted, the policy no longer applies to the content, and the content remains until it is manually deleted.
True/False: Retention policies in SharePoint Online and OneDrive can help an organization to comply with regulations.
- True
- False
Answer: True
Explanation: Retention policies can help organizations comply with internal policies and external regulations by ensuring that necessary content is preserved and unnecessary content is deleted in a timely manner.
In SharePoint Online or OneDrive, can you apply more than one retention policy to a single site?
- A. Yes
- B. No
Answer: B. No
Explanation: Only one retention policy can be applied to a single site or site collection at a time.
True/False: Retention policies in SharePoint Online and OneDrive can be manually enforced by end users.
- True
- False
Answer: False
Explanation: Retention policies are automatically enforced by the system and cannot be manually enforced by end users.
Can retention labels override a retention policy?
- A. Yes
- B. No
Answer: A. Yes
Explanation: In certain circumstances, retention labels can override a retention policy, taking precedence and overruling the policy’s settings.
True/False: A Retention policy can help to prevent content deletion.
- True
- False
Answer: True
Explanation: A retention policy can help to prevent content deletion by automatically preserving content until the end of its retention period.
Can retention policies be used on public folders in SharePoint Online and OneDrive?
- A. Yes
- B. No
Answer: B. No
Explanation: Retention policies can only be applied to SharePoint sites, OneDrive accounts, Microsoft 365 groups, and Exchange email. They can’t be applied to public folders.
Interview Questions
What is the fundamental role of content explorer in Microsoft 365 compliance?
Content Explorer helps administrators understand and manage sensitive information across their organization by showing where sensitive information is located.
What are the key functionalities of the Activity explorer in Microsoft 365 compliance?
Activity Explorer provides insight into label usage, views data classification over time, recognizes patterns, and checks user activity in case of anomalies or potential risks.
Can you alter sensitivity labels in Microsoft 365 using the Activity Explorer?
No, the Activity Explorer does not allow for the alteration of sensitivity labels. It is an analytics tool that provides insights and detailed information on the usage of these labels.
How can Content Explorer be used in detecting data breaching in an organization?
Content Explorer enables the administrator to locate sensitive information across various locations. By using it, one can identify unusual patterns or distribution of sensitive information, which could potentially indicate data leakage.
What is one way to monitor label usage in Microsoft 365 compliance?
Label usage in Microsoft 365 can be monitored using Activity Explorer, which provides insights into how labels are being used, including changes over time and by whom they’re being used.
What is the important aspect of data classification in label analytics?
The crucial aspect of data classification in label analytics is the categorization of data based on its sensitivity level, making it possible to apply appropriate security measures.
How does label analytics assist in maintaining standard compliance in an organization?
Label analytics help maintain standard compliance by providing insights on the usage of sensitivity labels across the organization. This enables the identification and resolution of non-compliance in how sensitive information is handled.
What is the primary purpose of using classification labels in document properties?
The primary purpose of using classification labels in document properties is to indicate the sensitivity of a document’s content, thereby aiding in the implementation of access controls and other security measures.
Can we gauge user’s interaction with sensitive information through label analytics tools?
Yes, label analytics tools like Activity Explorer provide details on user interactions with labeled content, allowing for potential risk identification.
How can Content Explorer be used for risk management?
Content Explorer can be used for risk management by allowing administrators to understand where sensitive data is located and how it’s being used. This can reveal potential vulnerabilities or risky behaviors.
extutorials.com