Home
Microsoft

Retention policies for Microsoft Teams

Microsoft Teams retention policies are now available in Office 365 security and compliance center

 

Today, we're proud to announce that we are starting the roll out of retention policies for Microsoft Teams. The roll out is expected to complete within the next few weeks. With this launch, Teams admins can use the Office 365 security and compliance center to set retention policies for Teams and decide proactively whether to retain content or delete content – for the entire organization, specific locations or user or specific teams.

 

This is a key milestone  in our efforts to provide IT admins with even more  security and compliance functionality in Teams  and part of our roadmap to bring the Skype for Business Online capabilities into  Teams.

 

retention pic.png

 

What are retention policies for Teams?

For most organizations, the volume and complexity of their data is increasing daily – email, documents, Teams messages, and more. To manage or govern this information is important for admins need to:

 

  • Comply proactively with industry regulations and internal policies that require organizations to retain content for a minimum period – for example, the Sarbanes-Oxley Act might require you to retain certain types of content for seven years.
  • Reduce their risk in the event of litigation or a security breach by permanently deleting old content that organizations are no longer required to keep.
  • Help organizations share knowledge effectively and be more agile by ensuring that their users work only with content that’s current and relevant to them.

With a Teams retention policy, you can:

  • Decide proactively whether to retain content, delete content, or both – retain and then delete the content based on time.
  • Use the SCC Policy creation user experience or Teams Retention PowerShell cmdlets
  • Set different retention durations for Teams Chats v/s Teams Channel Messages.
  • Target the entire organization with these location rows and target specific users (for Teams chat retention) and specific Teams (For Teams channel message retention)
  • Use retention policies with the SharePoint & OneDrive location rows to address the Files in Teams.

Note: Remember that in Teams, file shared in private chats are stored in the sender’s OneDrive for Business account and files uploaded in a channel conversation are stored in the team’s SharePoint site

 

How does it work?

 

info prot arch.png

For Teams chat and channel messages, a copy (that the Teams clients work off of) is stored in the Azure powered chat service and a separate copy is stored (archived) in Exchange online mailboxes (both user and group). We covered this in detail in one of our previous posts on Teams information protection features.

 

  • A chat message or IM in a 1x1 chat or a group chat is ingested into a hidden folder (TeamChat) into the EXO mailbox of each user who is a participant in the 1xN chat (n= 1,2,3 … )
  • A channel message in a Team\channel is ingested into a hidden folder (TeamChat) into the EXO mailbox of the Office 365 Group representing the Team.
  • Now, retention policies are setup by admins in the SCC and the Exchange Lifecycle assistant looks inside the mailboxes at Teams items and their age (based on created date) and acts on them (either preserves or deletes them based on all the policies that exist in the tenant). Then, this information is cascaded back to Teams and Chat service and these items get removed from all storage locations:
    • Mailboxes (so they are no longer available in eDiscovery or compliance content search)
    • Chat service back end
    • Teams Clients (which eventually get in sync with the chat service)

 

Where can I find more details and documentation?

For more information, how-to, known issues and faqs, please see: 

As the roll out gets completed (by mid of April), we encourage you to login to your tenant, setup the appropriate permissions to create retention policies and try creating a retention policy for Teams conversations after having a discussion with your legal/governance organization.

 

So, what’s next on the roadmap?

We are currently working on releasing eDiscovery for calls and meetings in Teams soon. The next big ticket item on the roadmap would be Data Loss Prevention (DLP) for conversations and files. At the same time, we are also focused on addressing customer feedback on existing key features like eDiscovery of Teams data, Teams audit logs, etc.

 

Thanks, and stay tuned for more updates. Please feel free to post questions and/or feedback about Teams Security and Compliance features through other available channels. We are listening. 

 

Cheers,

Ansuman

 

 

24 Comments

Sorry but can you please provide more details on that Azure Chat service we keep hearing about? Things such as where is the data stored (region and actual "container" information), who can access it, how long is it kept for (with or without retention policies in play), can it be searched, can it be exported, etc, etc. So far, for us customers this has been just a "black box" we know exists, and not much else.

 

Also, is there any news around handling messages from Guest accounts, users without ExO mailbox, bots, connectors, etc?

Microsoft
I think you will find the ignite architecture session useful if you want to understand chat service. https://channel9.msdn.com/Events/Ignite/Microsoft-Ignite-Orlando-2017/BRK3071 
 
It covers
  • Architecture of Teams and its clients
  • Chat service and other underlying services
  • Storage locations, Data residency.
 
Trusted Contributor

@Ansuman Acharya thanks for the link to the presentation, but that is not sufficient, We need written technical documentation that we can read and reference. Where can we find this?

Anonymous
Not applicable

Thanks for the info, and I was initially very interested in this.  However, since Teams has so much of a presence in SPOL & EOL I was under the impression that it inherited the settings of the 'Unified Retention Policies' as defined in the SCC.  My org wants to retain everything and I pitched it to them with what I knew about Groups/Teams and our current 'retain everything' Unified Retention Policy. 

 

Needless to say I was certainly surprised to see a distinct O365 Groups setting that magically popped up in the Retention area a week or so ago.  I dutifully created another policy with the duplicate settings for the O365 Groups offering, but now it appears I need to do it again for Teams?

 

What in the Teams settings/policy is NOT covered by the O365 Groups, SPO, and EOL policies?

 

Are the Persistent Chats also covered by and part of some upcoming S4BOnline retention policy?

 

Thx

Microsoft

The Office 365  Group setting has been around for a while John. To do retention for Teams you need to think of Files and Conversations.

 

For Files in Teams:

- use SPO location

- use OD4B location

 

For Conversations - Use the Team Chat and Channel rows. Office Group mailbox does not cover Teams data fully. It will not fully remove teams data from all storage locations. Same for EOL mailboxes.

Regular Visitor

Good luck getting deep documentation.  Microsoft has all but given up on this.


@Ansuman Acharya wrote:

Microsoft Teams retention policies are now available in Office 365 security and compliance center

 

Today, we're proud to announce that we are starting the roll out of retention policies for Microsoft Teams. The roll out is expected to complete within the next few weeks. With this launch, Teams admins can use the Office 365 security and compliance center to set retention policies for Teams and decide proactively whether to retain content or delete content – for the entire organization, specific locations or user or specific teams.

 

This is a key milestone  in our efforts to provide IT admins with even more  security and compliance functionality in Teams  and part of our roadmap to bring the Skype for Business Online capabilities into  Teams.

 

retention pic.png

 

What are retention policies for Teams?

For most organizations, the volume and complexity of their data is increasing daily – email, documents, Teams messages, and more. To manage or govern this information is important for admins need to:

 

  • Comply proactively with industry regulations and internal policies that require organizations to retain content for a minimum period – for example, the Sarbanes-Oxley Act might require you to retain certain types of content for seven years.
  • Reduce their risk in the event of litigation or a security breach by permanently deleting old content that organizations are no longer required to keep.
  • Help organizations share knowledge effectively and be more agile by ensuring that their users work only with content that’s current and relevant to them.

With a Teams retention policy, you can:

  • Decide proactively whether to retain content, delete content, or both – retain and then delete the content based on time.
  • Use the SCC Policy creation user experience or Teams Retention PowerShell cmdlets
  • Set different retention durations for Teams Chats v/s Teams Channel Messages.
  • Target the entire organization with these location rows and target specific users (for Teams chat retention) and specific Teams (For Teams channel message retention)
  • Use retention policies with the SharePoint & OneDrive location rows to address the Files in Teams.

Note: Remember that in Teams, file shared in private chats are stored in the sender’s OneDrive for Business account and files uploaded in a channel conversation are stored in the team’s SharePoint site

 

How does it work?

 

info prot arch.png

For Teams chat and channel messages, a copy (that the Teams clients work off of) is stored in the Azure powered chat service and a separate copy is stored (archived) in Exchange online mailboxes (both user and group). We covered this in detail in one of our previous posts on Teams information protection features.

 

  • A chat message or IM in a 1x1 chat or a group chat is ingested into a hidden folder (TeamChat) into the EXO mailbox of each user who is a participant in the 1xN chat (n= 1,2,3 … )
  • A channel message in a Team\channel is ingested into a hidden folder (TeamChat) into the EXO mailbox of the Office 365 Group representing the Team.
  • Now, retention policies are setup by admins in the SCC and the Exchange Lifecycle assistant looks inside the mailboxes at Teams items and their age (based on created date) and acts on them (either preserves or deletes them based on all the policies that exist in the tenant). Then, this information is cascaded back to Teams and Chat service and these items get removed from all storage locations:
    • Mailboxes (so they are no longer available in eDiscovery or compliance content search)
    • Chat service back end
    • Teams Clients (which eventually get in sync with the chat service)

 

Where can I find more details and documentation?

For more information, how-to, known issues and faqs, please see: 

As the roll out gets completed (by mid of April), we encourage you to login to your tenant, setup the appropriate permissions to create retention policies and try creating a retention policy for Teams conversations after having a discussion with your legal/governance organization.

 

So, what’s next on the roadmap?

We are currently working on releasing eDiscovery for calls and meetings in Teams soon. The next big ticket item on the roadmap would be Data Loss Prevention (DLP) for conversations and files. At the same time, we are also focused on addressing customer feedback on existing key features like eDiscovery of Teams data, Teams audit logs, etc.

 

Thanks, and stay tuned for more updates. Please feel free to post questions and/or feedback about Teams Security and Compliance features through other available channels. We are listening. 

 

Cheers,

Ansuman

 

 


 

Anonymous
Not applicable

 @Ansuman Acharya:  You say that 'The Office 365  Group setting has been around for a while," but most of us know how gradually new features are rolled out.  How long is 'awhile?'  As I said, it was new to me a few weeks ago, and our tenant isn't on 1st release so isn't it perhaps possible that the feature just hadn't shown up for us yet?

 

Some kind of Infographic would be helpful on what services are covered by which retention policies.  If we get caught from a legal standpoint on this, I sure am grateful we can count on MS to step in and help us via our Enterprise Business Partner Agreement...

Senior Member

Looks like a good first step.  However, we still use Exchange on-premise.  Currently using SPO, OneDrive, and TEAMS in O365.  We were really waiting for the ability to apply policies against the hidden chat store mentioned above for Pchats for those users who have on-Prem mailboxes, and are not using EOL.  Will this provide access to that data so we can at least apply a retention policy against that data?

 

Being a financial service firm with stringent compliance requirements, we are still waiting for the ability to journal both Pchat and channel messages completely.  Any idea when that might come if ever?

 

 

Frequent Contributor

Hi All,

 

Recently I did a presentation on the Retention Policy for Microsoft Teams, I collected some information around retention policy in PowerPoint slide, downloadable as follow.

 

Retention Policy for Microsoft Teams

 

Hope at least some would find it instructive. 

 

 

New Contributor

These policies are helpful when you have everything online. For an organization, where mailboxes must stay on on-premises environment, Teams eDiscovery/Compliance policies are not valid.

 

Is there any plan to add eDiscovery / Compliance for Team's private chat for on-premises mailboxes with SharePoint Online, OneDrive and Teams? As per eDiscovery testing for an on-premise mailbox, I didn't find anything for Team's private chat on both on-premise and online. That's because  Teams chat and channels are stored in Exchange Online mailbox and Azure Power Chat service with no access to use any eDiscovery. 

 

Any update on this feature would be helpful. 

 

Cheers,

H.

 

Microsoft

Good question @Hemat Maheshwari. First of all, we need to solve for bringing compliance features to Exchange on Prem users for Teams. This is a complex feature involving work from multiple teams in the Office organization. We are working on that currently, I cannot promise you a timeline. but when that works, eDiscovery will work and then retention will work. The idea is to take Teams conversations data and put them into the cloud equivalent of on-prem mailboxes if the identities are dir-sync'd.

 

Stay tuned on more updates. 

Contributor

We need to be able to journal Teams messages just like we can journal Exchange messages now. We are using Exchange 2013 on-premises. When would we be able to archive Teams communication?

Occasional Visitor

I see Teams has a minimum retention of 30 days 

 

1) When will retention policies for less than 30 days Teams be supported?

2) Any comment on why it not supported already?   Why can I set my retention policy Teams to 31 days but not 29?

 

30 day rentention not supported.JPG

 

 

Anonymous
Not applicable

Looking for information on when will retention policies for less than 30 days Teams be supported? not sure why this wasn't supported out the gate with the retention policy roll out. 

Occasional Contributor

So I am trying to find out what the exact details are with these policies now being implemented. There seems to be a few different scenarios as far as whether this is enabled and working based on your configuration.

 

  1. It does not appear to work if you are hybrid. Which I'm assuming is Exchange Hybrid.
  2. In other articles, it appears that it can take up to 30 days to actually implement and process the retention policy.
  3. Does Skype on Premise matter? It looks like that is not part of this consideration.

Our environment is Exchange 2016 hybrid. SFB is housed on premise, but we are configured for hybrid with SFBO. I am able to configure a Teams channel and chat policy, but it does not appear to be working.

 

Can someone just let me know if this should work in our scenario?

Are we just out of luck?

Is it the 30 day implementation and I'm just too quick to wait for it to apply?

 

-Thanks.

Frequent Contributor

Retention policy applies and is applicable to users whose mailboxes are on Exchange ONLINE.

1. Retention doesn't work/cannot be applied on Hybrid mailbox(es)

2. It shouldn't take 30 days as it mentioned -- it takes only 1 day in my case.

3. Same as point no.1 -- Retention Policy doesn't work/cannot be applied on a user whose mailbox is NOT Exchange Online. 

 

Contributor
When will retention start working on Hybrid mailboxes?

Retention policy (and deletion) applied on team sites of Sharepoint will be applied for Sharepoint's sites created through channels on Microsoft Teams? If not, how can retention and deletion policies can be applied on Microsoft Teams?

Trusted Contributor

@PATRICIA PEREIRA DE SOUZA, just to clarify, when a channel is added to a Team, a new folder gets added to an existing document library in an existing SharePoint site (each Team has a SPO Site, the default document library gets a General folder and additional folders are added to that library)

Contributor
If we are still using Hybrid mode with Exchange On-Premises, how do we archive Teams communications?
Frequent Contributor

@Michael Gorn  Please follow this guideline below:

https://techcommunity.microsoft.com/t5/Microsoft-Teams-Blog/Microsoft-Teams-supports-eDiscovery-for-...

 

You must write a request to Microsoft in order to get it done. 

Occasional Visitor

MS Teams retention seems to only allow deletion of chats after a minimum of 30 days. This does not meet my organization's retention policy which is 7 days for personal chat given that chats are transitory in nature and should not be kept longer than 1 week. It is a risk to the organization to keep such unstructured and unmonitored information for 30 days. Will MS be making a change to allow users to adjust their retention as they wish, i.e. any time frame and not a minimum of 30 days?

 

Trusted Contributor

If you need a change like that, the best way to request it is to do so on the User Voice site at https://microsoftteams.uservoice.com/forums/555103-public

Occasional Contributor

 @Heidi Larsen I don't want to knock, but I would not hold your breath. We have been holding out for a better retention policy for a long time. We also do not keep chat history at an organization level in SkypeFB. When Office 365 Groups became a thing we got a lot of push back from the lack of retention being available. Kind of sad that there's a product released that doesn't have similar policy or retention to it's current interpretation, in this case Exchange. We are also Hybrid which creates more chaos. In a recent ticket we opened, Teams retention even at 30 days will not currently filter out Bot based messages, or any messages containing attached data, Images and the like.

 

I would almost suggest trying to find a third party tool if there is one. I've even looked at clearing out chat messages via Microsoft Graph, but there is not currently a way to single out messages. At least from what I can tell. This was the work around we used for clearing 365 group messages and still continue to use.