Retention Policy in Office 365 Backup

Data retention policy is an agreement on retaining data for operational or regulatory compliance needs.

Data retention policy appears as a part of an overall data management and plays a significant role since the definition of the terms of keeping a company's data is crucial. Data retention on longer periods than needed produces unnecessary storage usage and increases storage costs.

If user data is modified or deleted during the retention period, a copy of the original content can be always found using the Office 365 Backup UI.

Objects in backup storage which retention period has expired, are deleted automatically, according to a retention policy settings, so this keeps the backup storage size under control. The duration of data retention policy can be ranged from days to years. Objects that were created/modified before the retention period starts will be skipped during backup even if these objects were included in the backup scope.

Retention policy run automatically up to 4 times a week. You can create a custom retention policy or default retention policy, that can be assigned to all users without a custom retention policy. Also you can assign a default retention policy for all users. If no default retention policy is assigned for some users, the backup data of these users will be stored forever.

Retention Policy and Object Lock (Immutability) Support

The Object Lock (Immutability) feature support depends on the retention policy assigned. If the Immutability is applied along with retention policy settings, backups that are subject to the retention policy become immutable for the period specified by retention policy. Refer to the table below for details on how it works.

Object Lock on Backup Destination Default Retention Policy Custom Retention Policy RESULT Comment
✔️ ✔️ ✔️ Backup locked Unable to delete backup data until the period set by custom retention policy expires
✔️ ✔️ Backup locked Unable to delete backup data until the period set by default retention policy expires
✔️ ✔️ Backup locked Unable to delete backup data until the period set by custom retention policy expires
✔️ Backup NOT locked Backup data can be deleted
✔️ ✔️ Backup NOT locked Backup data can be deleted

If you change the default or custom retention policy, all backup data locked with the Object Lock (Immutability) will be kept for the period specified in the retention policy settings applied at the moment these data was backed up.

Create New Retention Policy

  1. Sign in Microsoft 365 / Google Workspace Backup as an administrator. Open the Users page, then select users you want to assign a new retention policy.

  2. In the user menu click Retention Policy

  3. In the pane to the right click Go To List.

  4. Click Create Retention Policy. The Create Retention Policy dialog appears

  5. Name the new retention policy

  6. Select backup service for which this retention policy should be applied. You can create the retention policy for the following services:

    • Mail
    • Drive*
    • Contacts
    • Calendar
    • SharePoint*
    • Teams

    *Consider, retention checks for Drive and SharePoint will be executed up to 4 times a week. The backup storage for these services is checked to see if the retention period expires for some data related to these services, and if it was expired, the data is purged.

  7. Specify the retention policy settings. There are two options to retain backed up objects:

    • Delete Older Than. This option allows you to delete all objects that were modified or created before the specified date (day, week, month, and year periods are available). Select period before backed up or modified objects will be deleted in the backup storage for the selected backup service. Select whether the last revision can be deleted. This settings is intended for for securing actual versions to protect data from occasional purge.

    Consider the following example. Let’s assume that your company requires to store all revised financial documents created less than three months ago. In this case, to ensure data is in the backup storage, select 3 months value for the Delete older than option. With this value selected, backup data will be automatically deleted from the backup storage

    • Purge Delay. Set the purge delays for regular retention policy. This setting allows you to secure your backup storage by keeping backups that have to delete due to a retention policy for some more days. This setting does not affect the Object Lock (Immutability) period.

  8. To temporarily disable the retention policy execution, select the Disable check box. The retention policy will be temporarily disabled. This does not affect other retention policies. The backup data can be still removed manually. To start this retention policy execution, clear the Disable check box.

  9. Click Create to save the created retention policy. This retention policy appears in the retention policy list.

Retention policy run automatically up to 4 times a week.

In case of Object Lock (Immutability) is allowed for the storage account used for Microsoft 365/Google Workspace backup, the backups created for service with configured regular retention policy become immutable and cannot be modified or deleted before the retention period expires. Object Lock (Immutability) is supported by the following storage providers:

Assign Retention Policy

  1. Sign in Microsoft 365 / Google Workspace Backup as an administrator.
  2. Open the Users page, then select users the retention policy to be assigned to.
  3. In the user menu click Retention Policy.
  4. In the pane to the right, select retention policy from the retention policies lists for backup services. If the backup service has not any configured retention policies, No items found text will be displayed. This means you will need to create the retention policy to assing it to the backup service.
  5. Once you are done with the retention policy assignment, click Save. The selected retention policies are assigned to selected users.

Configure Default Retention Policy

  1. To create a default retention policy, in Account menu to the right of the horizontal menu bar click Retention Policies.

  1. Click Default Retention Policy.
  2. Select existing retention policies for the services to set them as default. This default retention policy will be applied to existing users without configured retention settings and for all new users. Users with configured retention settings will not be affected. To apply this retention policy to all users (including users with configured retention settings), select Apply to all users checkbox.
  3. Click Save.

Edit Retention Policy

  1. Open the Users page, then select users the retention policy to be assigned to.

  2. Click Retention Policy.

  3. In the pane to the right click Go To List.

  4. Click the retention policy you want to change, than select Edit Retention Policy in actions.

  5. Once you are done with the retention policy parameters, click Create. The new retention policy is created

  6. Click Back to proceed with retention policy assignment.

-OR-

  1. In the account menu click Retention Policies
  2. In the retention policy list select the retention policy you want to edit and click Edit Retention Policy.

  1. Change the retention policy settings and click Save.

Delete Retention Policy

  1. In the user menu click Retention Policies
  2. In the retention policy list select the retention policy you want to delete and click Delete Retention Policy.

  1. Confirm the deletion of retention policy. The default retention policy will be assigned instead the deleted one. By default, your data will be stored forever.
https://git.cloudberrylab.com/egor.m/doc-help-mbs.git