Forum Discussion

Robert Bollinger's avatar
Robert Bollinger
Brass Contributor
May 15, 2020

Information Governance, MRM Policies.

Hey Team,    I am trying to figure out some of the differences between MRM Policies and the Compliance >> Information Governance >> Retention Polices.    I have read the documentaiton but am stil...
admin
exchange
office 365
PeterRising's avatar
PeterRising
MVP
May 15, 2020

Robert Bollinger 

 

There are some similarities between Exchange retention tags and policies and those which are controlled from the security and compliance center (SCC), but essentially they are very different animals.

 

Firstly, Exchange tags/policies obviously only apply to email, and not other M365 services such as SharePoint, OneDrive and Teams.  These policies are only used to delete or archive email depending on the policies and tags applied.  In addition, there are personal retention tags that the users can apply themselves from Outlook or Outlook on the Web.

 

Information Governance policies from the SCC are the preferred recommendation from Microsoft now to immutably protect your M365 data and prevent deletion.  Even if a user deletes something from Email or OneDrive, the content will be retained in another folder until such time the policy expires.

 

The two have no correlation at all. Does that explain things any clearer for you?

 

  • Robert Bollinger's avatar
    Robert Bollinger
    Brass Contributor
    May 15, 2020

    PeterRising 

     

    Information Governance policies from the SCC are the preferred recommendation from Microsoft now to immutably protect your M365 data and prevent deletion.  Even if a user deletes something from Email or OneDrive, the content will be retained in another folder until such time the policy expires.

     

    I think thats the point i was missing "Immutably". I was expecting to see either a) a new policy applied to a users mailbox (MRM) if they were assigned a policy from the Information Governance, Retention, since i was expecting to see a policy assigned there, then i was also expecting to see an expiration date/time. 

     

    So these IG/Retention Policies are more like "background" compliance policies instead of MRM 3.0, which also happen to apply to all office workloads. 

     

    Is that about right? if so is there a document that explains specifically that - i need to provide that to my boss which is why i am asking. 

     

    Thanks, 

     

    Robert 

Resources