eDiscovery vs. Retention Policy in Microsoft 365

26 Oct 2021

6 min read

eDiscovery vs. retention policy-at a glance

Microsoft 365’s eDiscovery and retention policies serve different purposes but have limitations that can lead to data management challenges. • eDiscovery is designed for legal and compliance searches, not for data recovery, and may miss crucial information if retention settings are not correctly configured. • Retention policies are meant to preserve data for a specific period, but they can be complex to manage and may not cover all data types, increasing the risk of data loss. What is the solution? • SysCloud offers a comprehensive solution that integrates automated backups with flexible recovery options, ensuring that all critical data is continuously protected and easily retrievable, whether for compliance, legal needs, or accidental deletion. This provides a more reliable safety net than relying solely on eDiscovery or retention policies.

eDiscovery hold and retention policy are two native data retention features offered by Microsoft 365. Although both these features can preserve data, they serve completely different purposes.

In this article, we discuss in detail how retention policies are different from eDiscovery holds in Microsoft 365.

1. What is retention policy in Microsoft 365?

Retention policy in Microsoft 365 are rules that can be created to govern business information, comply with industry-related data retention requirements, and prevent data loss instances. Additionally, Retention Policy helps in minimizing storage costs by making it easier to delete unwanted files.

Retention policies can be set by administrators in the Microsoft Compliance Center and can be applied to specific data locations after deciding whether to retain content, delete content, or retain the content for a period and then delete it later.

1.1. Where can you apply retention policy to?

Microsoft 365 retention policies can be applied at a container level to SharePoint Sites, Exchange mailboxes, OneDrive folders, Yammer, Microsoft 365 Groups, Teams Channel and 1:1 messages and media (that gets stored in SharePoint sites and OneDrive folders respectively), and Skype for Business messages.

2. What is eDiscovery in Microsoft?

Microsoft 365 provides a native eDiscovery tool to help organizations identify, preserve, and export ESI (Electronically Stored Information) to be presented as evidence in a legal proceeding.

Administrators can access this feature in the Compliance Center to search for, identify, export, preserve, tag, analyze and cull specific content stored in Exchange mailboxes and public folders, SharePoint Sites, Yammer, etc. Additionally, the eDiscovery hold feature allows administrators to retain data stored in the Microsoft services.

To learn more about eDiscovery, click here.

Pro tip

eDiscovery holds, and retention policies set up to secure business information need to be managed regularly. With SysCloud, organizations can automatically back up Microsoft 365 data and data is always available for restore at any time.

3. eDiscovery vs. retention policy

The diagram below summarizes the basic differences between retention policy and eDiscovery in Microsoft 365.

Microsoft eDiscovery vs. retention policy

3. 1. eDiscovery vs. retention policy: comparison table

eDiscovery and eDiscovery hold	Retention policy
Types
eDiscovery on Microsoft 365 is of two types- Core eDiscovery and Advanced eDiscovery. While Core eDiscovery builds on the capabilities of a content search and allows administrators to apply a legal hold on specific content locations, Advanced eDiscovery supports additional capabilities like analyzing, reviewing, tagging, and culling the results of a content search.	There are two kinds of retention policies that you can enable 1.Policy to retain content till a specific date 2.Policy to delete content after a specific date
Use cases
eDiscovery holds are placed on content location to preserve the data for legal or compliance purposes. eDiscovery is the process of identifying and collecting Electronically Stored Information to be presented as evidence is any legal proceeding.	Organizations that rely on Microsoft 365 for storage have a considerable amount of data stored in them. They can use specific retention policies to ensure that important information is safe, and unwanted information gets deleted.
Services covered
Content locations you can place an eDiscovery hold on include SharePoint Sites, Exchange Mailboxes and public folders, OneDrive for Business, Microsoft 365 Groups, Yammer. (Teams 1:1 chat messages and files are included in OneDrive. Teams channel messages and files are included in SharePoint sites).	Retention policies can be applied to the following applications and locations: Exchange email SharePoint site OneDrive accounts Microsoft 365 Groups Skype for Business Exchange public folders Teams channel messages Teams chats Teams private channel messages Yammer community messages Yammer user messages
Show more

4. What happens to the data that gets deleted after applying retention policy?

Here is a diagram illustrating the movement of the file from the point of deletion to restoration from the preservation hold library or using a third-party backup tool.

The above illustration only represents the general workflow of a file that is deleted after applying the retention policy. SharePoint and Teams retention works a little differently.

Start enjoying faster and easier backups, today

Avoid costly data retention gaps and minimize time to recovery with SysCloud's cloud backup.Start 30-Day Free Trial