Teams Private Channels Reengineered: Compliance & Data Security Actions Needed by Sept 20, 2025
You may have missed this critical update, as it was published only on the Microsoft Teams blog and flagged as a Teams change in the Message Center under MC1134737. However, it represents a complete reengineering of how private channel data is stored and managed, with direct implications for Microsoft Purview compliance policies, including eDiscovery, Legal Hold, Data Loss Prevention (DLP), and Retention. 🔗 Read the official blog post here New enhancements in Private Channels in Microsoft Teams unlock their full potential | Microsoft Community Hub What’s Changing? A Shift from User to Group Mailboxes Historically, private channel data was stored in individual user mailboxes, requiring compliance and security policies to be scoped at the user level. Starting September 20, 2025, Microsoft is reengineering this model: Private channels will now use dedicated group mailboxes tied to the team’s Microsoft 365 group. Compliance and security policies must be applied to the team’s Microsoft 365 group, not just individual users. Existing user-level policies will not govern new private channel data post-migration. This change aligns private channels with how shared channels are managed, streamlining policy enforcement but requiring manual updates to ensure coverage. Why This Matters for Data Security and Compliance Admins If your organization uses Microsoft Purview for: eDiscovery Legal Hold Data Loss Prevention (DLP) Retention Policies You must review and update your Purview eDiscovery and legal holds, DLP, and retention policies. Without action, new private channel data may fall outside existing policy coverage, especially if your current policies are not already scoped to the team’s group. This could lead to significant data security, governance and legal risks. Action Required by September 20, 2025 Before migration begins: Review all Purview policies related to private channels. Apply policies to the team’s Microsoft 365 group to ensure continuity. Update eDiscovery searches to include both user and group mailboxes. Modify DLP scopes to include the team’s group. Align retention policies with the team’s group settings. Migration will begin in late September and continue through December 2025. A PowerShell command will be released to help track migration progress per tenant. Migration Timeline Migration begins September 20, 2025, and continues through December 2025. Migration timing may vary by tenant. A PowerShell command will be released to help track migration status. I recommend keeping track of any additional announcements in the message center.
Data Lifecycle Management for Documents outside M365 environment
Hi everyone, Is there a way that purview can be used to manage Data lifecycle management for documents that are stored on-prem and not in the M365 scope ? I remember that Lifecycle management including retention labels are only valid when they are applied withing the 365 environment. If not directly with purview, what can be other methods withing M365 to achieve this ? Thanks
Obtain Deleted Stats (SharePoint) by Retention Policy
I've scoured: https://learn.microsoft.com/en-us/purview/retention-cmdlets and the Unified Audit Log (https://www.meetingroom365.com/blog/search-unifiedauditlog-powershell/, https://theitbros.com/query-microsoft-365-audit-logs-using-powershell/#penci-Search_the_SharePoint_Online_Audit_Log) to see if I can come up with a method to obtain some statistics regarding how many files and space (storage) has been freed up with the use of retention policies being enabled. I'm drawing a blank. In an ideal world, I'd like know how many files have been deleted by the system (the system enforcing a 5 Year from last modified Date and Delete Policy) for the last year or 6 month intervals. If possible the corresponding volume of storage space recovered from these deletions. Any ideas?
How does Purview/data lifecycle management on Mailboxes work for deleted mailboxes?
I have an inkling that it more or less keeps the Mailbox in the Recoverable Items set//folder/dimension, but I don't want to guess. We do not have a license for Purview, I just have discovered that we have policies in here setup and forgotten about (or migrated Compliance and Security, and forgotten about). I say this because I don't fully understand Purview (because I don't want to use it, and we don't have it), yet I have a 'keep forever' policy set on ALL Exchange Mailboxes, but it doesn't actually prevent me from Deleting them. Reading https://learn.microsoft.com/en-us/purview/retention-settings#configuration-information-for-exchange-mailboxes-and-exchange-public-folders and https://learn.microsoft.com/en-us/purview/retention-policies-exchange#whats-included-for-retention-and-deletion doc, the word 'mailbox' appears 54 times. I have responsibilities and a life, but I did manage to find out when MAIL is deleted from Deleted Items, it goes to 'recoverable items' - a folder that exists in (somewhere). What I don't know is what happens if the entire Mailbox is deleted. I have archiving turned off. I notice that there is a separate 'https://learn.microsoft.com/en-us/purview/inactive-mailboxes-in-office-365' article. I genuinely do not have the time or patience to read these massive docs, or the 100 other docs they link to, for a platform way outside my scale, that I don't intend on using. Anyone know? I need to understand how this works before I get approval on removing it.
Data Retention, Compliance, and Litigation Holds
We recently revamped our data retention policies and now I need to set up everything in M365. In the past, we would enable litigation hold under the user's account. Since that only does email, that is not enough. We are now drastically shortening our retention policy and it's critical that all data for a user is accessible if they were brought into a litigation issue. So if we were subpoenaed, I would "freeze" the users data and then it would be possible to search if we were required 1/2/3 months down the road. Is the best way to do this by starting an eDiscovery search and placing everything on hold but not searching for anything? Then, if we were required to search the account, I would edit that eDiscovery hold to include specific queries? Or maybe I would create a "Litigation Hold" retention policy outside of the new default one that would hold their data indefinitely? That seems like a pain to exclude the user and then add them to the other and probably not efficient. Looking for advice from anyone who does this a lot as Microsoft gives a ton of options.. which is great, but it makes it difficult to know the best way when handling critical data.
Deleted Users
Hi all, We have E5 Compliance licenses. I've been asked to set a retention policy of five years just for current employees. If I use a Static scope of all users for the retention policy, what happens when a user leaves. So after the deleted user is soft deleted then hard deleted, are their associated retained emails also deleted. I know we can use inactive mailboxes and legal holds if we want to keep the email, but just wondering about what happens if we don't.Microsoft Data Retention and Destruction
Our compliance team has requested we shorten our retention policy on data. From the numerous sys admin jobs I have had, I have never had to deal with this because we typically had a 10+ year retention policy. So all of this new to me and I wanted to ask for some best practices and advice. We are to set up yearly purging of emails from the previous year and to wipe all Teams' chats past 30 days. We are setting up exclusions for certain people. To those who have experience, what is the best way to set this up in the Microsoft Environment? We are not an E3 or E5 customer so the Purview options I see are not an option. ThanksVersion history and Retention Policies - Why do I have so many versions?
We are using (I believe) the global default of 500 versions for document libraries in SharePoint Online and now we are discovering that the version history is accumulating more than 500 major versions on items in libraries. We have retention policies set for SharePoint sites (do not delete for X years). Is that overriding the version history settings? We have libraries in supporting MSTeams and Communication sites where files are well over the 500 major version limit. 6800+, 7900+ It's kind of insane... I'm not finding the documentation to answer my question very easily. It's also throwing a wrench into backup software that we are trying to run since it doesn't have a setting where it allows us to backup a maximum amount of versions.
