File Plan/Retention Labels cannot be deleted OR found in content explorer
When we try to delete a Purview Records Management > File Plan label (or Data Lifecycle Management > Retention label), we get the following error: "You can't delete this record label because it's currently applied to items in your organization. You can use content explorer to determine which items have this label applied." (see attached image). When we go to content explorer to find the label (in this example, Bank Reconciliations), it doesn't appear to exist (see attached image). We also reviewed our Label policies and Retention policies, and the given labels are not associated with any policy that we can see. So, in result, we cannot clean up File Plan labels since we can't find and remove the association between them and policies / items. Has anyone encountered this error when deleting file plan retention labels, but then unable to find anything the label is associated with?
cannot download content search result
I'm having a difficult time downloading content search results from the Compliance Portal I tried to download using with ClickOnce enabled but i still get the following error; Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item. I did some research which pointed me to trying to reload the site in IE but it's not working since reloading the page in IE rendered the site blank. I reached out to MS Support and they said it's a Windows issue, M365 related. I tried to download using other browsers which I managed to download, however when I tried to run it, the following error appears; Deployment and application do not have matching security zones. I tried using other laptops and the result is still the same. I dont understand why downloading a simple file can be so difficult and frustrating.
Adaptive Scope Sytntax
Hi. I have a requirement to scope only "UserMailbox" data in an Adaptive scope to ensure only user mailbox data is retained and deleted > 7years and shared mailbox is not in scope and retained forever. This scope will then be used in Adaptive Exchange Online Retention policy to Retain and then delete email > 7years old. Could anyone help me define the syntax to use in the query please? I have used the following but am not sure if this is correct even though it never failed when I completed the Adaptive Scope RecipientTypeDetails -eq 'UserMailbox' Thanks in Advance Chris
Auto-labelling in Purview-Which license or alternatives can be used rather than E5 ?
We are considering adopting Purview for Information Protection and DLP, but we are currently on E3 licenses. Given the extensive size of our SharePoint environment, auto-labelling is crucial for applying sensitivity labels to content across wide scopes automatically. My question is, are there any alternatives to upgrading licenses to E5 or adding the Compliance Add-on? Upgrading several thousand users to E5 or the Compliance Add-on requires significant justification, and I am wondering if there are other interim solutions we could leverage for a period of one year. Any thoughts would be greatly appreciated! Thank you! Kev
Duplicate Sensitivity Label Headers and Footers showing in Outlook emails
Hello I have a a strange issue where recipients are receiving duplicate Sensitivity Label headers and footers from our policy. For example, we have an unofficial label that stamps the header and footer as 'Unofficial'. Everytime it is received by a receipient it shows 4 times, 2 on the top as the header and 2 on the bottom. Looking in activity explorer I can see the email I sent listed three times. Any ideas how this could be happenning? ThanksBest practice basics for Labels and DLPs to protect company data
Hello experts, I've been doing some research and testing recently on Information protection and DLP as I would like to deploy it in our organization soon. I am very new into this and found lots of useful information, but still can't answer some very basics for this topic. Would be great to get some advise from ppl that has been using it already. Below are few points that I'm a bit confused and trying to find some clarification. We use exchange online and SharePoint as primary way to exchange information with our external partners. We are licensed with M365 E3 + M365 E5 Security I will create 3-5 labels (based on my testing) and would like to have all documents labelled. For that reason, I would like to use a "default" label feature and have data labelled with that label (Internal) accessible only for internal users. Now, I could achieve it with configuring "Access Control" and allow "All users and groups in your organization" option. This is fine however I've found MS recommendation that default label should not be encrypting data. How can I then achieve that? I've seen advise to remove encryption for that label - but there is no option to remove encryption when configuring "Access Control" for specific users. Or should I just use that label to mark data and do not perform any action? and use DLP to block all emails/documents with Internal label to be shared outside organization? one of the disadvantage I've noticed during testing was that "auto-save" for documents is disabled with encrypted label. I've found that enabling "co-authoring" on tenant should solve that - so I've enabled it and will be testing tomorrow. What is the best way to restrict access between departments within an organization? Should I use Label/Sublabel (e.g. Internal\Legal) approach, or utilize DLP somehow for it? What is the recommended way? I have configured "Confidential" label with "assign permission now" and used "All users and groups in your organization" option, and I cannot select this label in Outlook 365 (when I made it a default label, the email was selected, but when changed to another one and then tried to change back to Confidential, it did not work) I have configured "Restricted" label with "Let user assign permission..." and it works fine for documents (I get a pop up windows to provide allowed users). How this works with emails? Are "allowed users" taken directly from email recipients? As I do not get extra pop up window so I believe it works that way? we are a small company with quite a few external partners - and I would need to prevent emails for abc.com to be sent to xyz.com by human error. Should I use labels access control for it? Or have kind of "external" label and use DLP to check for that label and maybe a subject that needs to mention abc and recipeint is abc.com to allow email externally? These are few very basic questions that I was not able to find answer last few days... First two are a general ones, 3 and 4 are ones that I noticed during my testing. Any advise on this would be great.Microsoft Copilot for Microsoft 365 GCC GA Update
Exciting news for Federal Civilian and SLG customers! Microsoft Copilot for Microsoft 365 GCC is set for General Availability on October 15, 2024 (pending US Government authorization). Key features coming in October: AI-powered tools in Word, Excel, Outlook, and Teams Graph-grounded chat for quick data access Intelligent meeting recaps March 2025 will bring even more capabilities like real-time meeting summaries and task automation. Security & Compliance: Fully aligned with Microsoft 365 GCC standards. :loudspeaker: Read the full blog for more details!Azure OpenAI FedRAMP High + M365 Copilot Targeting Sept 2025 for GCC High/DOD
We’re excited to share two major updates for our public sector and defense customers: Azure OpenAI Service is now FedRAMP High authorized for Azure Government. This approval allows government agencies to securely leverage advanced AI capabilities, including GPT-4o, within their Azure Government environment. For the first time, we’re targeting a General Availability (GA) of September 2025 for Microsoft 365 Copilot in GCC High and DOD environments (pending government authorization). Copilot will deliver powerful AI tools tailored for decision-making, automation, and enhanced collaboration, all while meeting the strict compliance and security needs of our defense and government customers. For more information on these updates and how they can impact your workflows, check out the full blog post Let’s discuss how you’re planning to use these AI advancements in your environments!
