This post is part of the overall MS-500 Exam Study Guide. Links to each topic as they are posted can be found here.
This post will cover the following exam topics listed under the “Manage Data Governance and Retention” section:
- Define and manage communication compliance policies
- Configure Information holds
Define and Manage Communication Compliance Policies
Communications Compliance Policies allow us to identify and investigate communication throughout our organization that conflicts with our corporate policies. The simplest example of this is detecting offensive language but we can monitor all different types of communication within the tenancy.
To create our first policy, open up the Microsoft 365 Compliance Center and select “Communications Compliance” under “Solutions”.
From here, we can view some recommended policies including monitoring for offensive language or sensitive info. For this example we’ll create a policy to protect data containing the Product Code information type we set up previously. To create a custom policy, select “Create Policy” and “Custom Policy”.
Give the policy a name and description and click next.
Next select the users to monitor, here we can select specific users or choose to include all users and optionally exclude users or groups. We then choose reviewers who will be tasked with reviewing communications that trigger the policy.
Select the locations to monitor.
Next, we configure the policy settings. The settings available are:
- Communication Direction: Which direction of communication should be monitored
- Inbound – Communication with an external source and internal destination
- Outbound – Communication with an internal source and external destination
- Internal – Communication with an internal source and destination
- Conditions – Define detection rules, this can be particular domains, sizes, labels, sensitive information types etc.
- Review percentage – How much of the matches do you want to trigger a review. To review all matching communication, set this to 100%
Now when our users send a product code externally, the specified reviewer(s) will be sent a review of the communication, allowing the organization to review or “spot check” communications that may be risky.
Configure Information Holds
At times, we may have a requirement to ensure data is retained and exportable for a particular period of time. This can be due to litigation or a data access request for example. We can use Information Holds to help us achieve this.
To configure information holds, open up the Microsoft 365 Compliance Center and select the “eDiscovery” page. To begin an eDiscovery we need to select the “Create a case” option.
Give the case a name and description and click next.
When the case is created, select it from the list and click “Open case”.
This will bring us to the eDiscovery tool. To enable a hold, select the “Holds” section from the top menu and click “Create”.
Give the Hold a name and description and click next.
Next, select the locations to scan. In the below example we are scanning all data we have for one user.
On the next page, we can add keywords or other conditions such as file names, email senders etc. which we can use to narrow down the data we put on hold.
Finally, click “Create this hold” to finish the wizard and enable the hold.
Here we have looked at two different tools we can use in Microsoft 365 to help ensure compliance in our tenancy. In the next post we will finish this topic by looking at recovering deleted data, archiving and inactive mailboxes.
For now, more information on the topics covered here is available at the below links.
Communication compliance in Microsoft 365 – Microsoft 365 Compliance | Microsoft Docs
eDiscovery – Microsoft 365 Compliance | Microsoft Docs
Create eDiscovery holds in a Core eDiscovery case – Microsoft 365 Compliance | Microsoft Docs
One thought on “Study Guide Series: Exam MS-500 – Manage Data Governance and Retention (Part 2)”
Pingback: Study Guide Series – Exam MS-500: Microsoft 365 Security Administration – Sean McAvinue