This article can also be found in the Premium Editorial Download "Exchange Insider: Everything you need to know about Exchange Online retention policies."
Download it now to read this article plus other related content.
There's plenty to think about when it comes to email retention in the cloud. Admins need to consider spam and numerous legal requirements for backup, recovery and retention. To meet these demands, Exchange Online admins must know the basic building blocks of message-retention policies, as well as the associated costs and how to manage them.
Getting started with Exchange Online policies
Policies are made up of rules, which are known as retention tags. They come in four parts:
a name, a type, an age and an action. The tag type indicates the kind of message that the action affects. Age indicates when the action is applied.
Actions are basic email operations such as moving a message to archive and deleting a message while allowing for recovery. Retention tags are grouped together into policies and those policies are applied to mailboxes. When you apply a policy to a mailbox, the rules are executed by the Managed Folder Assistant process.
If you’re already familiar with Exchange 2010 retention policies, remember that there are important differences between running your own Microsoft Exchange Server in-house and using a cloud-based service.
For one, you cannot control the way the Managed Folder Assistant runs in the cloud. Exchange Online uses a seven-day work cycle for Managed Folder Assistant, and over the course of seven days, every mailbox in your organization should have its retention tags evaluated, and, when appropriate, their actions executed. When you manage your own Exchange Server, you can specify the length of the work cycle.
Another difference between Exchange Online and on-premises Exchange is the application of Microsoft’s default messaging records management process. If you do not have custom retention policies in place with Exchange Online, then a standard Exchange Online process will be applied to mailboxes.
This standard process limits the growth of items in critical-path folders, such as the inbox, sent and deleted folders. When you apply the standard process, managed folders are created and content is moved from the critical-path folders into the managed ones until the number of items in the critical folders falls below the maximum items threshold.
Let’s assume you need a document-retention policy for human resources managers who retain sent messages for six months before deleting them. Before you create a new policy, list the existing policies to see if any of them meet your needs. Start with the command to list policy names:
Get-RetentionPolicy | fl Name
One of the policies listed is called “HR All Employees” and looks relevant; you list the tags to see what rules are included in this policy with this command:
Get-RetentionPolicy “HR All Employees” | fl RetentionPolicy-TagLinks
One of the tags listed is “HR All Employees—Sent”, and you decide to check this tags setting using:
Get-RetentionPolicyTag “HR All Employees – Sent”
You realize that the policy includes a tag with a 90-day retention period on sent messages, so the policy does not meet your requirements. You create a new policy with a 180-day retention period with the following command:
New-RetentionPolicyTag “HRManagers – 6 Month Sent” –
SentItems -AgeLimitForRetention180 – RetentionAction DeleteAnd AllowRecovery
You can then create a new policy with the new tag.
You want to manage deleted messages in the same way for all HR employees, so you include another tag (“HR All Employees – Delete”) for that as well:
New-RetentionPolicy “HR Managers”
“HR Managers – 6 Month Sent”, “HR All Employees – Delete”
Next, apply this policy to the mailboxes of your HR managers using commands such as:
Set-Mailbox “Susan Johnson” – RetentionPolicy “HR Managers”
If you don’t want to wait seven days for the Managed Folder Assistant to run again, you can immediately apply the policy to a mailbox with the following command:
Start-ManagedFolderAssistant -Identity “Susan Johnson”
When you need to delete a policy or tag, use the Remove-RetentionPolicy and Remove-RetentionPolicyTag, respectively.
From these examples, you can see that the PowerShell commands for managing polices are grouped into create and remove operations for policies and tags along with get and set operations for their attributes. If you prefer, you can also use the Exchange Management Console to configure Exchange Online.
Don’t tie policies to individuals; instead, design retention policies based on employees’ roles and responsibilities. This helps avoid policy creep that leaves you with multiple, overlapping policies.
Devise a naming convention that aligns policy names with the roles they use. Include a role (“HR Manager”) in the policy name and message type in tags (“HR Manager – Sent”).
Be careful when using tags in multiple policies. If you need to change the age or action for one policy but not the other, you must create a new tag and link it to one of the policies.
This is not a problem, but making a change can quickly become a problem when you forget that a tag is used in multiple policies.
Cost control with Exchange Online policies
Well-prepared message-retention policies enable you to steer clear of paying fines for noncompliance and unnecessary storage costs. They avoid costs by mitigating the risk that you’ll violate regulations governing document retention.
For example, state and federal agencies may limit how long you can keep consumer records or protected health information. If there is a possibility that certain employees may use email to exchange sensitive or regulated information, you may decide to implement a policy that deletes all email messages in those employees’ mailboxes according to the time limits in the regulations.
Retention policies also help manage storage costs. By ensuring that old content is deleted on a defined schedule, you reduce the risk of users exceeding their quota. Exchange Online Plan 1 allows for 25 GB of storage per user’s primary mailbox and personal archive, which is adequate for most employees.
Storage management also reduces the amount of content that’s indexed for search, which leads to further storage savings and improved search operations.
In some cases, however, retention policies aren’t sufficient for comprehensive archiving requirements.
Retention policies can be used to archive messages once they reach a specified age. Before that time, a user could delete the message without it being archived, so don’t rely on retention policies for preserving messages that might be needed for e-discovery or some other business or legal reason.
Exchange Online allows you to journal messages to external storage if that’s what you need. It also supports litigation holds on mailboxes, if required.
Exchange Online retention policies can automate some important aspects of message management, especially when the policies align with organizational roles, meet compliance requirements and are structured for long-term manageability.
ABOUT THE AUTHOR
Dan Sullivan is a technology writer and analyst with Concentrated Technology, LLC.
This was first published in July 2012