A Guide to OneDrive for Business Data Retention

Default data retention in OneDrive for business

Limitations of Microsoft 365 default retention for OneDrive for business files

• The OneDrive data retained by default is counted against the total storage available with Microsoft 365. Once the limit is exceeded, businesses will need to purchase more storage space.

• Files deleted from OneDrive for business will be permanently deleted once the retention period ends.

How to retain OneDrive for business data?

Native retention methods

Retention policies to retain OneDrive for business data

Licensing requirements to use retention policy

How to set retention rules to retain OneDrive for business files?

• Step 1: Open the Compliance admin center and navigate to the ‘Information governance’ section.

• Step 2: Select ‘Retention policy’ -> ‘+New retention policy’.

• Step 3: Add a name to your retention policy and select the type of retention policy you need.

• Step 4: Choose ‘OneDrive account’ as the location. Administrators can choose specific accounts to include or exclude.

• Step 5: Choose the retention duration. Administrators can choose to retain the data in the chose OneDrive account for a custom period or forever.

• Step 6: Review and finish. Check the settings and click “Submit”.

What happens when OneDrive for business data gets deleted after retention policy is applied?

Microsoft eDiscovery to retain OneDrive for business data

License requirements to access eDiscovery to preserve OneDrive for business data

How to enable eDiscovery holds to retain OneDrive for business files?

• Step 1: Navigate to the Microsoft 365 Compliance Center.

• Step 2: Navigate to Core eDiscovery under “eDiscovery” in the left-hand side menu bar.

• Step 4: Create a case by clicking ‘+Create a case’.

• Step 5: Click the case name and navigate to ‘Holds’ on the top menu bar. Click ‘+Create’.

• Step 6: Add a name for the hold and a description if needed.

• Step 7: Turn on the toggle button next to SharePoint Sites. (OneDrive for business accounts are included under SharePoint sites).

• Step 8: To place a hold on specific OneDrive for business accounts, click ‘Choose sites’. The administrator can choose from a list of OneDrive for business site URLs or manually add a specific OneDrive account URL.

• Step 9: Add keywords to lookout for.

• Step 10: Review the settings and click ‘Submit’.

Limitations of native retention methods

• Retention policies and eDiscovery features are available only with E3 and E5 licenses.  

• In case of modification or deletion of any OneDrive data retained using retention policies, a copy of the data moves to the preservation hold library. Preservation hold library storage is counted against the total storage quota and businesses will have to purchase additional storage when using retention. Below is a note from Microsoft that highlights the storage implication when using the Preservation Hold Library.

• Unlike third-party backup tools, native retention feature does not come with automated recovery options. In case of a data loss event, administrators can only export the data and restore it manually. Microsoft eDiscovery also lacks the auto-enrollment feature that automatically preserves  data belonging to newly added users.

• To retain deleted/suspended user data, organizations need to continue paying license costs.

• OneDrive data retained using eDiscovery becomes inaccessible to the users. Users cannot modify or work on the OneDrive data as long as the hold is in place.

Retain OneDrive for business files using third-party backup solutions