Information barriers seem like a good idea. Implement policy-driven controls over who can communicate within a Microsoft 365 tenant. Microsoft is making the solution available to education tenants. In reality, they should spend some the engineering effort required to improve the current sad state of the information barriers solution. No GUI, horrible management, PowerShell with impenetrable errors, and a lack of visibility into how the solution works.
For compliance purposes, the Microsoft 365 substrate captures copies of Teams messages in Exchange Online mailboxes. The compliance records are indexed and discoverable, which means that they can be found by content searches. However, Teams compliance records are imperfect copies of the real data, which is a fact that seems to have escaped many people.
The Teams mobile clients allow users to record and send voice memos in personal and group chats. It’s nice functionality, but from a compliance standpoint some glaring weaknesses exist in the way that Office 365 captures compliance records for these memos. No voice recognition, no metadata, nothing to search for. It’s a compliance mess that Microsoft needs to clean up.
Sometimes Office 365 can be infuriating. My latest tribulation came in the form of missing retention labels, which disappeared from SharePoint Online without any reason for two weeks. Some labels returned due to auto-label policies, but any applied to documents manually had a vacation somewhere in the bowels of the services. It wasn’t a good experience.
A new report commissioned by Microsoft explains how Exchange Online and the Security and Compliance Center meet the electronic records requirements of regulatory bodies like the SEC and FINRA. Within the report, there’s some news about changes to the way that Office 365 handles Teams compliance records stored in Exchange Online. And after all that, we consider how some backup vendors treat Teams compliance records as equivalent to the data stored in the Teams Azure services.
Microsoft has updated its retention period for Office audit records from 90 to 365 days, but only for accounts with Office 365 E5 licenses. On another front, the problem with truncated audit records for Azure Active Directory events still persists.
A little known fact is that you can use graphic symbols and characters in Office 365 labels. It might bring a splash of color to your compliance and retention efforts, especially in a world where emojis are everywhere. After all, the symbols are just character codes that computers can process and Office 365 is designed to be multilingual and cope with different character sets (like the way Teams deals with Hebrew and Arabic).
Content Searches Find Teams Compliance Items When someone leaves your company, you might need to preserve their Office 365 data. The steps needed to preserve user information stored in Email, OneDrive, and SharePoint are straightforward, but what about the messages the employee sent using Teams? As it turns out, an Office 365 content search or …
Read More “Preserving the Teams Data of Ex-Employees”
A new Petri.com article explains how to reassemble IM conversations using the compliance records captured by Skype for Business Online and Teams.