Blog Post

Microsoft Teams Blog

3 MIN READ

Retention policies for Microsoft Teams

Ansuman Acharya

Microsoft

Mar 30, 2018

Microsoft Teams retention policies are now available in Office 365 security and compliance center

Today, we're proud to announce that we are starting the roll out of retention policies for Microsoft Teams. The roll out is expected to complete within the next few weeks. With this launch, Teams admins can use the Office 365 security and compliance center to set retention policies for Teams and decide proactively whether to retain content or delete content – for the entire organization, specific locations or user or specific teams.

This is a key milestone in our efforts to provide IT admins with even more security and compliance functionality in Teams and part of our roadmap to bring the Skype for Business Online capabilities into Teams.

What are retention policies for Teams?

For most organizations, the volume and complexity of their data is increasing daily – email, documents, Teams messages, and more. To manage or govern this information is important for admins need to:

Comply proactively with industry regulations and internal policies that require organizations to retain content for a minimum period – for example, the Sarbanes-Oxley Act might require you to retain certain types of content for seven years.
Reduce their risk in the event of litigation or a security breach by permanently deleting old content that organizations are no longer required to keep.
Help organizations share knowledge effectively and be more agile by ensuring that their users work only with content that’s current and relevant to them.

With a Teams retention policy, you can:

Decide proactively whether to retain content, delete content, or both – retain and then delete the content based on time.
Use the SCC Policy creation user experience or Teams Retention PowerShell cmdlets
Set different retention durations for Teams Chats v/s Teams Channel Messages.
Target the entire organization with these location rows and target specific users (for Teams chat retention) and specific Teams (For Teams channel message retention)
Use retention policies with the SharePoint & OneDrive location rows to address the Files in Teams.

Note: Remember that in Teams, file shared in private chats are stored in the sender’s OneDrive for Business account and files uploaded in a channel conversation are stored in the team’s SharePoint site

How does it work?

For Teams chat and channel messages, a copy (that the Teams clients work off of) is stored in the Azure powered chat service and a separate copy is stored (archived) in Exchange online mailboxes (both user and group). We covered this in detail in one of our previous posts on Teams information protection features.

A chat message or IM in a 1x1 chat or a group chat is ingested into a hidden folder (TeamChat) into the EXO mailbox of each user who is a participant in the 1xN chat (n= 1,2,3 … )
A channel message in a Team\channel is ingested into a hidden folder (TeamChat) into the EXO mailbox of the Office 365 Group representing the Team.
Now, retention policies are setup by admins in the SCC and the Exchange Lifecycle assistant looks inside the mailboxes at Teams items and their age (based on created date) and acts on them (either preserves or deletes them based on all the policies that exist in the tenant). Then, this information is cascaded back to Teams and Chat service and these items get removed from all storage locations:
- Mailboxes (so they are no longer available in eDiscovery or compliance content search)
- Chat service back end
- Teams Clients (which eventually get in sync with the chat service)

Where can I find more details and documentation?

For more information, how-to, known issues and faqs, please see:

As the roll out gets completed (by mid of April), we encourage you to login to your tenant, setup the appropriate permissions to create retention policies and try creating a retention policy for Teams conversations after having a discussion with your legal/governance organization.

So, what’s next on the roadmap?

We are currently working on releasing eDiscovery for calls and meetings in Teams soon. The next big ticket item on the roadmap would be Data Loss Prevention (DLP) for conversations and files. At the same time, we are also focused on addressing customer feedback on existing key features like eDiscovery of Teams data, Teams audit logs, etc.

Thanks, and stay tuned for more updates. Please feel free to post questions and/or feedback about Teams Security and Compliance features through other available channels. We are listening.

Cheers,

Ansuman

Updated Jan 26, 2021

Version 7.0

microsoft teams

Product Updates

Security & Compliance

Ansuman Acharya

Microsoft

Joined January 21, 2017

View Profile

Microsoft Teams Blog

Welcome to the Microsoft Teams Blog! Learn best practices, news, and trends directly from the team behind Microsoft Teams.

VasilMichev
MVP
Mar 31, 2018
Sorry but can you please provide more details on that Azure Chat service we keep hearing about? Things such as where is the data stored (region and actual "container" information), who can access it, how long is it kept for (with or without retention policies in play), can it be searched, can it be exported, etc, etc. So far, for us customers this has been just a "black box" we know exists, and not much else.

Also, is there any news around handling messages from Guest accounts, users without ExO mailbox, bots, connectors, etc?
Stuart Mcbain
Copper Contributor
Apr 16, 2018
I see Teams has a minimum retention of 30 days

1) When will retention policies for less than 30 days Teams be supported?
2) Any comment on why it not supported already? Why can I set my retention policy Teams to 31 days but not 29?
Dean_Gross
Silver Contributor
Apr 02, 2018
Ansuman Acharya thanks for the link to the presentation, but that is not sufficient, We need written technical documentation that we can read and reference. Where can we find this?
Mark Simone
Brass Contributor
Apr 03, 2018
Looks like a good first step. However, we still use Exchange on-premise. Currently using SPO, OneDrive, and TEAMS in O365. We were really waiting for the ability to apply policies against the hidden chat store mentioned above for Pchats for those users who have on-Prem mailboxes, and are not using EOL. Will this provide access to that data so we can at least apply a retention policy against that data?

Being a financial service firm with stringent compliance requirements, we are still waiting for the ability to journal both Pchat and channel messages completely. Any idea when that might come if ever?
thet naing
Iron Contributor
Apr 10, 2018
Hi All,

Recently I did a presentation on the Retention Policy for Microsoft Teams, I collected some information around retention policy in PowerPoint slide, downloadable as follow.

Retention Policy for Microsoft Teams

Hope at least some would find it instructive.
Hemat Maheshwari
Brass Contributor
Apr 10, 2018
These policies are helpful when you have everything online. For an organization, where mailboxes must stay on on-premises environment, Teams eDiscovery/Compliance policies are not valid.

Is there any plan to add eDiscovery / Compliance for Team's private chat for on-premises mailboxes with SharePoint Online, OneDrive and Teams? As per eDiscovery testing for an on-premise mailbox, I didn't find anything for Team's private chat on both on-premise and online. That's because Teams chat and channels are stored in Exchange Online mailbox and Azure Power Chat service with no access to use any eDiscovery.

Any update on this feature would be helpful.

Cheers,
H.
Deleted
Apr 02, 2018
Thanks for the info, and I was initially very interested in this. However, since Teams has so much of a presence in SPOL & EOL I was under the impression that it inherited the settings of the 'Unified Retention Policies' as defined in the SCC. My org wants to retain everything and I pitched it to them with what I knew about Groups/Teams and our current 'retain everything' Unified Retention Policy.

Needless to say I was certainly surprised to see a distinct O365 Groups setting that magically popped up in the Retention area a week or so ago. I dutifully created another policy with the duplicate settings for the O365 Groups offering, but now it appears I need to do it again for Teams?

What in the Teams settings/policy is NOT covered by the O365 Groups, SPO, and EOL policies?

Are the Persistent Chats also covered by and part of some upcoming S4BOnline retention policy?

Thx
Ansuman Acharya
Microsoft
Apr 10, 2018
Good question Hemat Maheshwari. First of all, we need to solve for bringing compliance features to Exchange on Prem users for Teams. This is a complex feature involving work from multiple teams in the Office organization. We are working on that currently, I cannot promise you a timeline. but when that works, eDiscovery will work and then retention will work. The idea is to take Teams conversations data and put them into the cloud equivalent of on-prem mailboxes if the identities are dir-sync'd.

Stay tuned on more updates.
Deleted
Apr 18, 2018
Looking for information on when will retention policies for less than 30 days Teams be supported? not sure why this wasn't supported out the gate with the retention policy roll out.
dsears266
Copper Contributor
Jan 13, 2020
Are conversations recorded as they are typed? If someone edits their comment does the original content get retained? Just for instance, if a password is typed into the chat, and then after the recipient receives it and the conversation is edited, will the password still be kept in a record and be accessible? Just for conversations sake, lets say that the password is typed and then edited 5 minutes later.