Microsoft Teams and Groups provide a powerful solution for cross-silo collaboration. Yet, these tools can create a challenge for records management. How can we maintain a manageable file plan and compliance strategy when anyone can provision a workspace? In this presentation, we will discuss compliance features provided in Office 365 for Microsoft Teams and how you can use them to manage Teams and Groups content for compliance purposes.
6. CHAT TEAMS
Teams Video & Voice Calls
MEETINGS FILES
Recent
Microsoft Teams
Downloads
OneDrive
Join Skype for
Business Meeting
Exchange Calendar
Private
Meeting
Channel
Meeting
Files Wiki
Tabs Bots (1:Many)
Connectors Channels
Email Conversations
Meet Now
Conversation File
Video Call
Voice Call
Organization Activity
Tabs Bots (1:1)
ACTIVITY
Follow
Feed
Team Activity
My Activity
Filter
Search
Notification Settings
8. Feature Location
Chats Exchange – User mailbox
Conversation Exchange – Group Mailbox
Files in a 1:1 or group chat OneDrive for Business
Files in a Team SharePoint
Third party file integration Within the 3rd party service
Planner Planner
Group Outlook email & calendar Exchange – Group Mailbox
PowerBI Source Data System
Stream (Video) Stream
Bots Chat or Conversations in Teams
Connectors Conversations in Teams
Tabs A Tab provides a view to content that resides in another location
Voice & Video Calls Skype for Business
12. Leverage intelligence automate data retention and deletion
Labels
Retention Policies
*eDiscovery
Apply actions to preserve high value data in-place
and purge what’s redundant, trivial, or obsolete
Take Action
Automatic Classification
Classify data based on automatic analysis
(age, user, type, sensitive data and user
provided fingerprints)
Intelligent Policies
Policy recommendations based on machine
learning and cloud intelligence
13.
14. Auto-applied based on
sensitive information types
Auto-applied based on a
search query
The label is a record
A user has manually
applied a label
Auto-applied based on
a location
Another label is older
Except when…
15. When you create
auto-apply labels for
sensitive information,
you see the same list
of policy templates as
when you create a
data loss prevention
(DLP) policy.
16. Query-based labels use the search
index to identify content.
• Email properties
• Site properties
• Contact properties
• Sensitive data types
• Site content shared with external users
• Site content shared within your
organization
17. Can only apply a default label to a
document library
Items inside a document set do
inherit the default label
If you move an item with a default
label from one library to another
library with no default label, the
old default label is removed
18. A label that classifies
content as a record
needs to be applied
manually; it can't be
auto-applied
For SharePoint
content, any user in
the default
Members group (the
Contribute
permission level)
can apply a record
label to content
Only the site
collection
administrator can
remove or change
that label after it's
been applied
You can apply a
label to a folder
19. For SharePoint
content, any user in
the default Members
group (the Contribute
permission level) can
apply a record label
to content
20. If there are multiple rules that assign an auto-apply label and
content meets the conditions of multiple rules, the label for the
oldest rule is assigned.
PERIOD. NO OTHER OPTION.
23. If the label is… Then the label policy can be applied to…
Exchange SharePoint OneDrive Groups
Published to end users X X X X
Auto-applied based on sensitive
information types
X X
Auto-applied based on a query X X X X
24. PROS CONS RECORDPOINT
Use to identify and action sensitive
content
Application of Label can be 1-7 days
Provides real time classification
of content
A label can be used by RecordPoint to
refine a classification
No hierarchy of labels Can prioritize labels
No automatic application of labels to
sites, content types,
Has localized certifications, such as
Generic functionality that doesn’t meet
local standards
Can use a label as input
Need to have an E5 license for
automatic labelling
Works with any SharePoint license
No automatic labelling for records
Automatic labelling of records and all
content
Have to apply document library labels to
each location
Can apply classifications from a
central location
25.
26. • Attached to a label
• Can trigger a disposition review at the
end of the retention period, so that
SharePoint and OneDrive documents
must be reviewed before they can be
deleted
• Can start the retention period from
when the content was labeled, instead
of the age of the content or when it was
last modified
27. • Retaining content so that it can’t be permanently deleted before the end of the retention period.
• Deleting content permanently at the end of the retention period.
Entire
Location
Policies
Include
or
Exclude
Organization Wide policies
SharePoint OneDrive for Business Groups Exchange Email
Users
(up to 1000)
Groups
(up to 1000)
Locations
(up to 100 sites)
28. Retention wins over deletion
Longest retention period wins
Explicit inclusion wins over implicit inclusion
Shortest deletion period wins
29. 1. If the content is modified or deleted during the retention period
2. If the content is not modified or deleted during the retention period
2
1
Preservation
Hold Library
Document
Library
First-Stage
Recycle Bin
Second-Stage
Recycle Bin
Cleanup
Retention Period
User Purge Cleanup
Permanent
Deletion
Permanent
Deletion
93 Days
7 Days
30. PROS CONS RECORDPOINT
Simple content clean-up for
non-records content
A limit of 10 organization wide and
location based retention policies
No limit on the number of retention
policies
Covers Skype for Business and
Exchange Content
Keeps documents for 93 days after
disposition approval
Dispose of document immediately
on approval
No certification of destruction
Provides a fully auditable
certification of destruction
Covers social feeds and file share
content, with more coming
Legal hold integrates with Office 365
Can retain content in places
31.
32. Microsoft Teams Functionality
CHAT TEAMS
Teams Video & Voice Calls
MEETINGS FILES
Recent
Microsoft Teams
Downloads
OneDrive
Join Skype for
Business Meeting
Exchange Calendar
Private
Meeting
Channel
Meeting
Files Wiki
Tabs Bots (1:Many)
Connectors Channels
Email Conversations
Meet Now
Conversation File
Video Call
Voice Call
Organization Activity
Tabs Bots (1:1)
ACTIVITY
Follow
Feed
Team Activity
My Activity
Filter
Search
Notification Settings
34. Feature Location Compliance
Chats Exchange – User mailbox Follow the Office 365 retention policy or label
applied to the user’s mailbox
Conversation Exchange – Group Mailbox Follow the Office 365 retention policy or label
applied to the Team mailbox
Files in a 1:1 or group chat OneDrive for Business Follows the Office 365 retention policy or label
applied to the user’s OneDrive
Files in a Team SharePoint Follows the Office 365 retention policy or label
applied to the SharePoint site
Third party file integration Within the 3rd party service Third party service
Planner Planner No compliance functionality
Group Outlook email & calendar Exchange – Group Mailbox Follow the Office 365 retention policy or label
applied to the Team mailbox
35. Feature Location Compliance
PowerBI Source Data System The service where the data resides would manage compliance
policies, not PowerBI
Stream (Video) Stream No compliance features
Bots Chat or Conversations in Teams As of 4/21: Messages from and To Bots are not being captured
correctly in the Compliance Content Search process
Connectors Conversations in Teams As of 4/21: Messages from Connectors that get written into
channels are not being captured in the Compliance Content
Search process
Tabs A Tab provides a view to content
that resides in another location
The service where the data resides would manage compliance
policies
Voice & Video
calls
Skype for Business Follow the compliance policy applied to the user
Rude FAQ: Is Skype for Business being renamed to Teams? No that was a rumour.
Office 365 eDiscovery:
Data Loss Prevention (DLP): identify, monitor, and automatically protect sensitive information across Office 365
Identify sensitive information across many locations, such as Exchange Online, SharePoint Online, and OneDrive for Business.
Prevent the accidental sharing of sensitive information.
Monitor and protect sensitive information in the desktop versions of Excel 2016, PowerPoint 2016, and Word 2016.
Help users learn how to stay compliant without interrupting their workflow.
View DLP reports showing content that matches your organization’s DLP policies.
Information Rights Management (IRM)
Service Assurance: It’s about transparency
Safeguards confidentiality, integrity, availability and reliability of your data.
Let’s you control access to your data.
Helps you comply with various regulatory standards.
Customer Lockbox
Advanced Threat Detection (ATD):
Interactive tools to analyze prevalence and severity of threats in near real-time.
Real-time and customizable threat alert notifications.
Remediation capabilities for suspicious content.
Expansion of Management API to include threat details—enabling integration with SIEM solutions.
Supervision
Audit Log
The Security & Compliance Center is where all the feature settings are located, within Office 365 tenant admin.
Assign permissions to people in your organization so they can perform tasks in the Security & Compliance Center