cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED

Records retention on Skype for Business conversations

Carol DeMuth
Iron Contributor

‎Sep 07 2016 10:45 AM - last edited on ‎May 24 2021 01:52 PM by

‎Sep 07 2016 10:45 AM - last edited on ‎May 24 2021 01:52 PM by

Records retention on Skype for Business conversations

I have been tasked with discovering more information on retention policies for IMs sent through Skype for Business.  We are thinking about adding it as an alternative to texting for information that is subject to public records requests. 

Based on what I think I found - the conversations for desktop clients are stored in Exchange - so we can set retention and archiving policies on those.

However the big argument is personal phone vs. work issued cell phone.  It appears that conversations are stored on the personal device - so we would have to use MDM to have access to the data to archive it?

I also am looking at the eDiscovery center and see I can do eDiscovery on Skype for Business, but is that just on the client installs where the conversations are stored in Outlook, or does it cover mobile devices?

 

Can someone verify if I'm on the right track?

7,936 Views
1 Like
4 Replies
Reply
4 Replies
best response confirmed by Deleted
Cary Siemers

‎Sep 08 2016 08:26 AM

‎Sep 08 2016 08:26 AM

Solution

Re: Records retention on Skype for Business conversations

I too am interested. We don't have any "work" phones, they are all personal phones used for work purposes. 

I was under the impression that all conversations conducted within Skype were stored in Outlook's Conversation History.

I do know that if you are refering to normal SMS/texting then no, MDM doesn't get them. For us we'd have to take someone's phone and send it to a phone "forensics" company that would then retrieve all the messages for us (that would include non-work messages). Not a cheap proposition.

 

0 Likes
Reply
Carol DeMuth

‎Sep 08 2016 09:14 AM

‎Sep 08 2016 09:14 AM

Re: Records retention on Skype for Business conversations

We were thinking of steering people away from SMS/texting for that very reason and trying to get them to use the IM feature in Skype for Business, but if those aren't archived anywhere but their personal phone, we aren't gaining anything.  I took a look at the privacy agreement here  https://support.office.com/en-US/article/Privacy-supplement-for-Microsoft-Skype-for-Business-f2100fe... There are documents specifically for phones and it seems like the conversations are stored on the phone and not in Outlook archives.

0 Likes
Reply
Julian Knight

‎Sep 15 2016 03:57 AM

‎Sep 15 2016 03:57 AM

Re: Records retention on Skype for Business conversations

Saving of conversations in Outlook is optional, users can turn it off and I'm not sure whether you can enforce it on.

0 Likes
Reply
Julian Knight

‎Sep 15 2016 04:01 AM

‎Sep 15 2016 04:01 AM

Re: Records retention on Skype for Business conversations

This is an area that is still weak with SfB. We need proper audit capability for it, we also need enforced conversation save.

 

Another weak area is that of DLP. We should be able to monitor conversations for inapppropriate information being shared and for inappropriate conversations. Bullying is a particular problem over IM. Sexual harrassment can also be an issue.

 

With file sharing enabled, SfB is also another path for data exfiltration, another reason for DLP to cover it.

1 Like
Reply
1 best response

Accepted Solutions
best response confirmed by Deleted
Cary Siemers

‎Sep 08 2016 08:26 AM

‎Sep 08 2016 08:26 AM

Solution

Re: Records retention on Skype for Business conversations

I too am interested. We don't have any "work" phones, they are all personal phones used for work purposes. 

I was under the impression that all conversations conducted within Skype were stored in Outlook's Conversation History.

I do know that if you are refering to normal SMS/texting then no, MDM doesn't get them. For us we'd have to take someone's phone and send it to a phone "forensics" company that would then retrieve all the messages for us (that would include non-work messages). Not a cheap proposition.

 

View solution in original post

0 Likes
Reply