How to Configure Sensitivity Labels to Block Document Downloads from SharePoint Sites
The SharePoint Online Block Download Policy controls the ability to use features that rely on downloaded files (including temporary files), such as printing or editing with the Office desktop apps. It’s the kind of configuration that organizations might use for sites that hold very confidential files. Although the Set-SPOSite cmdlet can configure the policy for a site, it’s easier to use a container management label. https://office365itpros.com/2024/12/12/block-download-policy-labels/Processing Microsoft 365 Retention Labels with the Microsoft Graph PowerShell SDK
Two types of retention labels are in use: Microsoft 365 retention labels and MRM retention tags. Clients hide the difference, but the Microsoft Graph PowerShell SDK cmdlets can only process Microsoft 365 retention labels for files stored in SharePoint Online and OneDrive for Business. EWS can manage MRM retention tags, but it’s on a fast path to retirement in 2026… https://office365itpros.com/2024/12/18/microsoft-365-retention-labels-ps/Using the Audit Log to Generate a Daily Action Summary for a User
This article describes how to report the audit events for a user over a single day. The task seems simple, but inconsistency in audit payloads make it harder. Workloads don’t help by the variations in audit events. In any case, persistence and knowledge about what the audit event captured for an action helps to decode the data, as illustrated by the script detailed here. https://office365itpros.com/2024/12/03/audit-events-for-a-user/
How do I apply retention label to a folder in a SharePoint library?
Hello All, Can you please advice how do I apply a "Retention label" (Created in M365 compliance centre) to folders in a Document Library? I created this retention label below I published this label and it now appears in document library, but at a individual document level as shown below I am not sure how to make the same appear at a folder level. Note : In the actual customer scenario, they would like different retention labels to be applied to different "folders" (ie, users should be able to apply retention labels to folders, so that the documents inside those folders follow the label applied at folder level). For achieving this, I heard that we only need to create a retention label (not retention policy) as we are looking at a "Folder" level here (not site level or up). However I am not sure how to do it. Please advice.Track Sensitivity Label Downgrades and Removals with Audit Log Data
The Purview Insider Risk Management solution can do all sorts of clever things, like tracking sensitivity label downgrades and removals as an indicator that a user might be preparing to exfiltrate data. The same kind of checking can be done by using the events captured in the audit log when people remove or change sensitivity labels. All in a few lines of PowerShell… https://office365itpros.com/2024/11/20/sensitivity-label-downgrades/Microsoft to Separate Copilot and Teams Compliance Records
In a November 8 post, Microsoft says that Purview Data Lifecycle Management will allow tenants to split processing of Copilot interactions and Teams chats with different policies. The public preview for the change should be available in mid-November. This update makes perfect sense because there’s no logic to dictate that Microsoft 365 tenants want to impose the same retention period for Teams chats and Copilot interactions. https://office365itpros.com/2024/11/12/copilot-interaction-retention/Using Compliance Search Purge Actions to Remove Mailbox Items
Compliance search purge actions are Microsoft's search and purge tool. Today, a purge action is limited to removing 10 items per mailbox. Microsoft is increasing the limit to 100 as part of its eDiscovery modernization project. This article reviews the state of the art for using PowerShell to purge mailbox items and contemplates how purges might work after modernization finishes. https://practical365.com/compliance-search-purge/Using the Members of a Dynamic Microsoft 365 Group to Populate an Adaptive Scope
Adaptive searches are a nice way to target users, sites, and groups for Purview retention processing. But a user adaptive scope can’t select members of a group and target them. That is, unless you use the same attribute to identify users for both a dynamic group and an adaptive scope, which is what’s explained here. https://office365itpros.com/2024/10/15/adaptive-scope-group-members/DLP Policy Tips Get New Premium Conditions
MC894577 announces that DLP policy tips displayed in Outlook will soon support a set of new conditions. That’s good, but the text of the announcement is unclear about important points like the clients that will support the new policy tips, what kinds of groups are supported by the conditions, and precise details of how Outlook will differentiate between users with Office 365 E3 and E5 licenses. https://office365itpros.com/2024/09/25/dlp-policy-tips-premium/Purview eDiscovery’s Big Makeover
eDiscovery is a calling best left to skilled investigators. But Microsoft 365 administrators need to know how to search and how the new Purview eDiscovery works. The new implementation is due by the end of 2024 and is in preview now. It unifies the three existing solutions in the Microsoft 365 eDiscovery space and promises to deliver new functionality. But will it make its dates? Who knows! https://office365itpros.com/2024/09/09/new-purview-ediscovery/
