Implementing retention policies and tags in Microsoft Exchange Online is a critical part of managing and protecting information as part of the responsibilities of a Microsoft Information Protection Administrator (SC-400). These strategies will help manage the lifecycle of data and ensure its compliance with regulatory requirements.
I. Understanding Retention Policies and Tags in Microsoft Exchange Online
Retention policies and tags in Microsoft Exchange Online are tools for managing the lifecycle of data in an organization’s email system. These tools enable administrators to set rules regarding how long certain types of information are kept and when they are disposed of or archived, based on criteria set by the organization.
- Retention Policies: Retention policies are applied to mailboxes and dictate a set of retention policy tags for various types of data. They ensure the automatic management of email data life cycles in an organization.
- Retention Tags: A retention tag is metadata connected to a folder or an individual item such as an email in a mailbox. These tags contain instructions for how long the item or folder should be retained and what action should be taken once the retention period ends, such as delete or archive.
II. Implementing Retention Policies in Microsoft Exchange Online
Retention policies in Exchange Online can be accessed from the Microsoft 365 compliance center at compliance.microsoft.com.
To create a new retention policy, follow these steps:
- Navigate to Information Governance -> Retention.
- Click on the “+Create” button to create a new policy.
- Provide a name and description.
- Choose the locations where you want the policy to apply.
- Set the retention settings such as the retention period and actions after the retention period.
For example:
Name: ‘Company Email Retention Policy’
Description: ‘Keeps all emails for 5 years’
Locations: ‘All locations’
Retention period: ‘5 years’
Action: ‘Delete items automatically after the retention period ends.’
III. Implementing Retention Tags in Microsoft Exchange Online
Retention tags are implemented in three ways: default policy tags, retention policy tags, and personal tags.
- Default Policy Tags (DPT): These apply the default retention policy to unassigned items in a mailbox.
- Retention Policy Tags (RPT): They are used to assign a retention policy to a default folder such as Inbox or Sent Items.
- Personal Tags: Personal tags allow users to implement custom retention settings to specific items or folders.
To create a retention tag:
- Navigate to Compliance Management -> Retention Tags.
- Click the “+ +” button to create a new tag.
- Choose the type of tag (Default Policy Tag, Retention Policy Tag, Personal Tag).
- Input a name and description for the tag.
- Set the retention settings such as the retention period and the action to take when that period ends.
For example:
Tag type: ‘Retention Policy Tag’
Name: ‘Inbox Retention Tag’
Description: ‘Keeps all inbox emails for 3 years’
Retention period: ‘3 years’
Action: ‘Move items to archive after the retention period ends’
In conclusion, implementing retention policies and tags in Microsoft Exchange Online allows an organization to manage data lifecycle, ensures compliance with regulatory requirements, and optimizes the use of storage resources. This makes them integral tools for a Microsoft Information Protection Administrator.
Practice Test
True or False: Retention tags are needed for implementing retention policies in Microsoft Exchange online.
- True
- False
Answer: True
Explanation: In Microsoft Exchange Online, retention tags are used to automatically apply retention settings to folders and individual items such as email messages and notes.
What type of retention tags apply to default folders like Inbox, Sent Items, Deleted Items, and so on?
- A. Personal
- B. Default
- C. Custom
- D. None of the above
Answer: B. Default
Explanation: Default retention tags are applied to default folders such as Inbox, Sent Items, and Deleted Items.
What are retention tags used for in Microsoft Exchange online?
- A. To apply retention settings to folders and individual mail items, such as email messages.
- B. To tag emails for priority.
- C. To tag emails by category (work, personal, etc.)
- D. None of the above.
Answer: A. To apply retention settings to folders and individual mail items, such as email messages.
Explanation: In Microsoft Exchange Online, retention tags are the building blocks of retention policies. They allow to apply retention settings to individual folders and mail items such as email messages.
True or False: Microsoft Exchange Online doesn’t provide a way to delete or archive items automatically after a specified period.
- True
- False
Answer: False
Explanation: Exchange Online does provide retention policies and tags that can delete or archive items automatically after a specified period.
Does each mailbox in Microsoft Exchange Online require a different retention policy?
- A. Yes
- B. No
Answer: B. No
Explanation: Same retention policies can be applied to multiple mailboxes in Microsoft Exchange Online.
True or False: Retention tags can be used for specific messages or folders that user want to treat differently from the rest of the mailbox.
- True
- False
Answer: True
Explanation: Personal retention tags allow users to apply their own retention settings to specific folders or messages that they want to treat differently from the rest of the mailbox.
Which type of Retention Tags apply automatically to all items, regardless of the folder in which they are located?
- A. Personal Retention Tags
- B. Default Retention Tags
- C. DiscoveryHold Retention Tags
- D. MRM Retention Tags
Answer: B. Default Retention Tags
Explanation: Default Retention Tags are applied to all items in the mailbox, regardless of the folder they are located in.
What is the purpose of DPT (Default Policy Tag) in a Retention Policy?
- A. To delete specific items from inbox
- B. To apply policy tag on messages
- C. To assign a delete or archive action to the entire mailbox
- D. None of the above
Answer: C. To assign a delete or archive action to the entire mailbox
Explanation: DPT assigns a delete/archive action to the entire mailbox, except where a different tag is applied.
True or False: A mailbox can’t have more than one retention policy.
- True
- False
Answer: True
Explanation: A mailbox can have only one retention policy at any time.
What Action types are available for Retention Policy Tags?
- A. Delete And Allow Recovery
- B. Permanently Delete
- C. Move To Archive
- D. All of the above
Answer: D. All of the above
Explanation: All these actions: Delete And Allow Recovery, Permanently Delete and Move To Archive are available for Retention Policy Tags.
True or False: Personal tags are available for the users to apply them manually on individual items or folders.
- True
- False
Answer: True
Explanation: Personal tags are intended for the users to apply manually to custom folders or individual items.
What would happen if a retention policy isn’t assigned to a mailbox?
- A. The mailbox data will be lost
- B. The default Microsoft 365 retention policy applies
- C. No retention actions will take place
- D. The user will not be able to access the mailbox
Answer: C. No retention actions will take place
Explanation: If a retention policy isn’t assigned to a mailbox, no retention actions will take place.
True or False: It is possible to include all users in your organization in a retention policy, except for specific users.
- True
- False
Answer: True
Explanation: A retention policy can be applied to all users or specific users/groups in your organization.
True or False: In Microsoft Exchange Online, retention settings are applied to folders and individual items such as email messages and notes.
- True
- False
Answer: True
Explanation: In Microsoft Exchange Online, retention tags are used to apply retention settings to folders and individual items such as email messages and notes.
How do you create a Retention Policy tag in Microsoft 365 security center?
- A. By going to Information governance > Retention > New retention policy
- B. By going to Information protection > Labels > New retention label
- C. By going to Compliance center > Policies > Create a policy
- D. None of the above
Answer: A. By going to Information governance > Retention > New retention policy
Explanation: This is the right navigation path to create a Retention policy in Microsoft 365 security center.
Interview Questions
What are retention policies in Microsoft Exchange Online?
Retention policies in Microsoft Exchange Online are tools that enable admins to manage and control how long to retain email messages or other mailbox items for eDiscovery purposes.
How are retention tags implemented in Microsoft Exchange Online?
Retention tags are implemented in Microsoft Exchange Online through the Exchange Admin Center (EAC) or using Exchange Online PowerShell. They are then applied to folders (and individual items within) or an entire mailbox.
What are the two types of retention tags in Microsoft Exchange Online?
The two types of retention tags in Microsoft Exchange Online are Default Policy Tags (DPT) and Retention Policy Tags (RPT).
What is the purpose of the Default Policy Tags in Microsoft Exchange Online?
Default Policy Tags (DPT) in Microsoft Exchange Online are used to apply retention settings to all items in a mailbox that don’t have a Retention Policy Tag (RPT) applied to them.
What is the role of Retention Policy Tags (RPTs) in Microsoft Exchange Online?
Retention Policy Tags (RPTs) in Microsoft Exchange Online are used to apply retention settings to default folders such as Inbox, Deleted Items, and Sent Items.
How can you change the priority of a retention policy in Microsoft Exchange Online?
The priority of a retention policy in Microsoft Exchange Online can be changed through the Exchange Admin Center or by using Set-RetentionPolicy command in the Exchange Online PowerShell.
In Exchange Online, which takes precedence — an explicit retention policy applied to an item, or a folder’s retention tag?
In Exchange Online, an explicit retention policy applied to an item takes precedence over a folder’s retention tag.
What happens when the retention policy tag is modified in Microsoft Exchange Online?
When the retention policy tag is modified in Microsoft Exchange Online, the new settings are applied to all items in the mailbox where the tag is applied.
What happens when a retention tag is deleted in Microsoft Exchange Online?
When a retention tag is deleted in Microsoft Exchange Online, it is removed from any policies referencing it, but any retention settings previously applied to mailbox items by that tag will remain.
When a retention policy is assigned to a user’s mailbox in Exchange Online, when does that policy take effect?
When a retention policy is assigned to a user’s mailbox in Exchange Online, the policy typically takes effect within 24 to 48 hours.
How can you check which retention policies are applied to a mailbox in Microsoft Exchange Online?
You can check which retention policies are applied to a mailbox in Microsoft Exchange Online by using the Get-Mailbox command in Exchange Online PowerShell, or by viewing the mailbox properties in the Exchange Admin Center.
Why would organizations use retention policies and tags in Microsoft Exchange Online?
Organizations use retention policies and tags in Microsoft Exchange Online to ensure compliance with information governance laws and regulations, establish consistent policies for preserving or deleting content, reduce the risk of data loss, and optimize storage usage by archiving old content.
Can you apply more than one retention policy to a single mailbox in Microsoft Exchange Online?
No, you cannot apply more than one retention policy to a single mailbox in Microsoft Exchange Online. However, a single retention policy can include multiple retention tags.
What is a Personal tag in the context of Microsoft Exchange Online?
A Personal tag in Microsoft Exchange Online is a type of retention tag that users can apply to items to customize the retention settings for those items. Personal tags allow users to override the default retention policy.
Are there any limitations to the number of retention tags that can be added to a retention policy in Microsoft Exchange Online?
Yes, there’s a limit of 1000 retention tags that can be added to a retention policy in Microsoft Exchange Online.