Home
Microsoft

Retention policies for Microsoft Teams

Microsoft Teams retention policies are now available in Office 365 security and compliance center

 

Today, we're proud to announce that we are starting the roll out of retention policies for Microsoft Teams. The roll out is expected to complete within the next few weeks. With this launch, Teams admins can use the Office 365 security and compliance center to set retention policies for Teams and decide proactively whether to retain content or delete content – for the entire organization, specific locations or user or specific teams.

 

This is a key milestone  in our efforts to provide IT admins with even more  security and compliance functionality in Teams  and part of our roadmap to bring the Skype for Business Online capabilities into  Teams.

 

retention pic.png

 

What are retention policies for Teams?

For most organizations, the volume and complexity of their data is increasing daily – email, documents, Teams messages, and more. To manage or govern this information is important for admins need to:

 

  • Comply proactively with industry regulations and internal policies that require organizations to retain content for a minimum period – for example, the Sarbanes-Oxley Act might require you to retain certain types of content for seven years.
  • Reduce their risk in the event of litigation or a security breach by permanently deleting old content that organizations are no longer required to keep.
  • Help organizations share knowledge effectively and be more agile by ensuring that their users work only with content that’s current and relevant to them.

With a Teams retention policy, you can:

  • Decide proactively whether to retain content, delete content, or both – retain and then delete the content based on time.
  • Use the SCC Policy creation user experience or Teams Retention PowerShell cmdlets
  • Set different retention durations for Teams Chats v/s Teams Channel Messages.
  • Target the entire organization with these location rows and target specific users (for Teams chat retention) and specific Teams (For Teams channel message retention)
  • Use retention policies with the SharePoint & OneDrive location rows to address the Files in Teams.

Note: Remember that in Teams, file shared in private chats are stored in the sender’s OneDrive for Business account and files uploaded in a channel conversation are stored in the team’s SharePoint site

 

How does it work?

 

info prot arch.png

For Teams chat and channel messages, a copy (that the Teams clients work off of) is stored in the Azure powered chat service and a separate copy is stored (archived) in Exchange online mailboxes (both user and group). We covered this in detail in one of our previous posts on Teams information protection features.

 

  • A chat message or IM in a 1x1 chat or a group chat is ingested into a hidden folder (TeamChat) into the EXO mailbox of each user who is a participant in the 1xN chat (n= 1,2,3 … )
  • A channel message in a Team\channel is ingested into a hidden folder (TeamChat) into the EXO mailbox of the Office 365 Group representing the Team.
  • Now, retention policies are setup by admins in the SCC and the Exchange Lifecycle assistant looks inside the mailboxes at Teams items and their age (based on created date) and acts on them (either preserves or deletes them based on all the policies that exist in the tenant). Then, this information is cascaded back to Teams and Chat service and these items get removed from all storage locations:
    • Mailboxes (so they are no longer available in eDiscovery or compliance content search)
    • Chat service back end
    • Teams Clients (which eventually get in sync with the chat service)

 

Where can I find more details and documentation?

For more information, how-to, known issues and faqs, please see: 

As the roll out gets completed (by mid of April), we encourage you to login to your tenant, setup the appropriate permissions to create retention policies and try creating a retention policy for Teams conversations after having a discussion with your legal/governance organization.

 

So, what’s next on the roadmap?

We are currently working on releasing eDiscovery for calls and meetings in Teams soon. The next big ticket item on the roadmap would be Data Loss Prevention (DLP) for conversations and files. At the same time, we are also focused on addressing customer feedback on existing key features like eDiscovery of Teams data, Teams audit logs, etc.

 

Thanks, and stay tuned for more updates. Please feel free to post questions and/or feedback about Teams Security and Compliance features through other available channels. We are listening. 

 

Cheers,

Ansuman

 

 

14 Comments

Sorry but can you please provide more details on that Azure Chat service we keep hearing about? Things such as where is the data stored (region and actual "container" information), who can access it, how long is it kept for (with or without retention policies in play), can it be searched, can it be exported, etc, etc. So far, for us customers this has been just a "black box" we know exists, and not much else.

 

Also, is there any news around handling messages from Guest accounts, users without ExO mailbox, bots, connectors, etc?

Microsoft
I think you will find the ignite architecture session useful if you want to understand chat service. https://channel9.msdn.com/Events/Ignite/Microsoft-Ignite-Orlando-2017/BRK3071 
 
It covers
  • Architecture of Teams and its clients
  • Chat service and other underlying services
  • Storage locations, Data residency.
 
Trusted Contributor

@Ansuman Acharya thanks for the link to the presentation, but that is not sufficient, We need written technical documentation that we can read and reference. Where can we find this?

Contributor

Thanks for the info, and I was initially very interested in this.  However, since Teams has so much of a presence in SPOL & EOL I was under the impression that it inherited the settings of the 'Unified Retention Policies' as defined in the SCC.  My org wants to retain everything and I pitched it to them with what I knew about Groups/Teams and our current 'retain everything' Unified Retention Policy. 

 

Needless to say I was certainly surprised to see a distinct O365 Groups setting that magically popped up in the Retention area a week or so ago.  I dutifully created another policy with the duplicate settings for the O365 Groups offering, but now it appears I need to do it again for Teams?

 

What in the Teams settings/policy is NOT covered by the O365 Groups, SPO, and EOL policies?

 

Are the Persistent Chats also covered by and part of some upcoming S4BOnline retention policy?

 

Thx

Microsoft

The Office 365  Group setting has been around for a while John. To do retention for Teams you need to think of Files and Conversations.

 

For Files in Teams:

- use SPO location

- use OD4B location

 

For Conversations - Use the Team Chat and Channel rows. Office Group mailbox does not cover Teams data fully. It will not fully remove teams data from all storage locations. Same for EOL mailboxes.

Regular Visitor

Good luck getting deep documentation.  Microsoft has all but given up on this.


@Ansuman Acharya wrote:

Microsoft Teams retention policies are now available in Office 365 security and compliance center

 

Today, we're proud to announce that we are starting the roll out of retention policies for Microsoft Teams. The roll out is expected to complete within the next few weeks. With this launch, Teams admins can use the Office 365 security and compliance center to set retention policies for Teams and decide proactively whether to retain content or delete content – for the entire organization, specific locations or user or specific teams.

 

This is a key milestone  in our efforts to provide IT admins with even more  security and compliance functionality in Teams  and part of our roadmap to bring the Skype for Business Online capabilities into  Teams.

 

retention pic.png

 

What are retention policies for Teams?

For most organizations, the volume and complexity of their data is increasing daily – email, documents, Teams messages, and more. To manage or govern this information is important for admins need to:

 

  • Comply proactively with industry regulations and internal policies that require organizations to retain content for a minimum period – for example, the Sarbanes-Oxley Act might require you to retain certain types of content for seven years.
  • Reduce their risk in the event of litigation or a security breach by permanently deleting old content that organizations are no longer required to keep.
  • Help organizations share knowledge effectively and be more agile by ensuring that their users work only with content that’s current and relevant to them.

With a Teams retention policy, you can:

  • Decide proactively whether to retain content, delete content, or both – retain and then delete the content based on time.
  • Use the SCC Policy creation user experience or Teams Retention PowerShell cmdlets
  • Set different retention durations for Teams Chats v/s Teams Channel Messages.
  • Target the entire organization with these location rows and target specific users (for Teams chat retention) and specific Teams (For Teams channel message retention)
  • Use retention policies with the SharePoint & OneDrive location rows to address the Files in Teams.

Note: Remember that in Teams, file shared in private chats are stored in the sender’s OneDrive for Business account and files uploaded in a channel conversation are stored in the team’s SharePoint site

 

How does it work?

 

info prot arch.png

For Teams chat and channel messages, a copy (that the Teams clients work off of) is stored in the Azure powered chat service and a separate copy is stored (archived) in Exchange online mailboxes (both user and group). We covered this in detail in one of our previous posts on Teams information protection features.

 

  • A chat message or IM in a 1x1 chat or a group chat is ingested into a hidden folder (TeamChat) into the EXO mailbox of each user who is a participant in the 1xN chat (n= 1,2,3 … )
  • A channel message in a Team\channel is ingested into a hidden folder (TeamChat) into the EXO mailbox of the Office 365 Group representing the Team.
  • Now, retention policies are setup by admins in the SCC and the Exchange Lifecycle assistant looks inside the mailboxes at Teams items and their age (based on created date) and acts on them (either preserves or deletes them based on all the policies that exist in the tenant). Then, this information is cascaded back to Teams and Chat service and these items get removed from all storage locations:
    • Mailboxes (so they are no longer available in eDiscovery or compliance content search)
    • Chat service back end
    • Teams Clients (which eventually get in sync with the chat service)

 

Where can I find more details and documentation?

For more information, how-to, known issues and faqs, please see: 

As the roll out gets completed (by mid of April), we encourage you to login to your tenant, setup the appropriate permissions to create retention policies and try creating a retention policy for Teams conversations after having a discussion with your legal/governance organization.

 

So, what’s next on the roadmap?

We are currently working on releasing eDiscovery for calls and meetings in Teams soon. The next big ticket item on the roadmap would be Data Loss Prevention (DLP) for conversations and files. At the same time, we are also focused on addressing customer feedback on existing key features like eDiscovery of Teams data, Teams audit logs, etc.

 

Thanks, and stay tuned for more updates. Please feel free to post questions and/or feedback about Teams Security and Compliance features through other available channels. We are listening. 

 

Cheers,

Ansuman

 

 


 

Contributor

 @Ansuman Acharya:  You say that 'The Office 365  Group setting has been around for a while," but most of us know how gradually new features are rolled out.  How long is 'awhile?'  As I said, it was new to me a few weeks ago, and our tenant isn't on 1st release so isn't it perhaps possible that the feature just hadn't shown up for us yet?

 

Some kind of Infographic would be helpful on what services are covered by which retention policies.  If we get caught from a legal standpoint on this, I sure am grateful we can count on MS to step in and help us via our Enterprise Business Partner Agreement...

Senior Member

Looks like a good first step.  However, we still use Exchange on-premise.  Currently using SPO, OneDrive, and TEAMS in O365.  We were really waiting for the ability to apply policies against the hidden chat store mentioned above for Pchats for those users who have on-Prem mailboxes, and are not using EOL.  Will this provide access to that data so we can at least apply a retention policy against that data?

 

Being a financial service firm with stringent compliance requirements, we are still waiting for the ability to journal both Pchat and channel messages completely.  Any idea when that might come if ever?

 

 

Frequent Contributor

Hi All,

 

Recently I did a presentation on the Retention Policy for Microsoft Teams, I collected some information around retention policy in PowerPoint slide, downloadable as follow.

 

Retention Policy for Microsoft Teams

 

Hope at least some would find it instructive. 

 

 

Frequent Visitor

These policies are helpful when you have everything online. For an organization, where mailboxes must stay on on-premises environment, Teams eDiscovery/Compliance policies are not valid.

 

Is there any plan to add eDiscovery / Compliance for Team's private chat for on-premises mailboxes with SharePoint Online, OneDrive and Teams? As per eDiscovery testing for an on-premise mailbox, I didn't find anything for Team's private chat on both on-premise and online. That's because  Teams chat and channels are stored in Exchange Online mailbox and Azure Power Chat service with no access to use any eDiscovery. 

 

Any update on this feature would be helpful. 

 

Cheers,

H.

 

Microsoft

Good question @Hemat Maheshwari. First of all, we need to solve for bringing compliance features to Exchange on Prem users for Teams. This is a complex feature involving work from multiple teams in the Office organization. We are working on that currently, I cannot promise you a timeline. but when that works, eDiscovery will work and then retention will work. The idea is to take Teams conversations data and put them into the cloud equivalent of on-prem mailboxes if the identities are dir-sync'd.

 

Stay tuned on more updates. 

Contributor

We need to be able to journal Teams messages just like we can journal Exchange messages now. We are using Exchange 2013 on-premises. When would we be able to archive Teams communication?

Occasional Visitor

I see Teams has a minimum retention of 30 days 

 

1) When will retention policies for less than 30 days Teams be supported?

2) Any comment on why it not supported already?   Why can I set my retention policy Teams to 31 days but not 29?

 

30 day rentention not supported.JPG

 

 

Occasional Visitor

Looking for information on when will retention policies for less than 30 days Teams be supported? not sure why this wasn't supported out the gate with the retention policy roll out.