At a meeting of the public IRMS group in London yesterday, I heard how Rob Bath compared the on-premises records retention model with the one offered in Office 365.
Rob described the two models available locally in SharePoint:
Both the Record Center model and the In-Place model are still available in SharePoint Online in Office 365. However, Office 365 provides another way to manage SharePoint Online content retention. This new method is not in SharePoint Online. It resides in the Office 365 Security and Compatibility Center, which manages content across the entire Office 365 application family.
The Security and Compliance Center provides the ability to set up retention labels and retention policies:
Rob concluded that the retention label / retention policy model offered in the Office 365 Security and Compliance Center is a simpler and more effective way to manage SharePoint content than the two models available in SharePoint itself. A member of the audience asked him if there were circumstances in which he would recommend using the Record Center model or in-place model instead of (or in conjunction with) the retention label / retention policy model in Office 365 Second after and then said "no".
In the remainder of this post, I'll be thinking about why, after so many years on such bulky storage in SharePoint, Microsoft has done something better for Office 365.
Office 365 must have a retention model that goes beyond SharePoint.
Microsoft wanted a record retention model for Office 365 that is not specific to a specific Office 365 application, but can be applied to all major applications in the Office 365 family. This forced them to develop a model that was not based on SharePoint-specific features. Specifically, this has broken the link between retention of records and SharePoint content types.
The need to develop a model that could be applied to applications such as SharePoint Online, the Exchange Online e-mail system, and the OneDrive file-sharing application meant that Microsoft had a common denominator between the various applications had to search. The only common denominator between applications is that all content aggregates.
The retention model for records in Office 365
The retention model in Office 365 is very simple. For each application a basic aggregation is identified. In Exchange, it's the email account. In SharePoint, it is the site. OneDrive is the OneDrive account, and so on. In the Office 365 Security and Compliance Center, you can take advantage of the fact that all content in SharePoint is stored on Web sites and all content in Exchange is stored on email accounts, and so on to apply your retention rules.
Essentially, the Security and Compliance Center offers two different strategies for linking retention rules to content:
Applying Retention Policies and / or Retention Labels to Content in Exchange Online and in SharePoint Online
It's possible to use different strategies to apply retention labels / policies in different Office 365 applications in different ways.
I prefer e-mails to set a retention policy for e-mail accounts based on the business value of the correspondence (depending on the role of the individual e-mail account holder) and above In addition, to allow users to use a retention label to identify personal correspondence, so that a shorter retention period may apply.
Following his presentation I asked Rob Bath if he preferred to apply retention policies or retention labels in the SharePoint environment. He said a SharePoint site is usually too big to apply a retention policy. He prefers to install storage labels on libraries and folders within locations. To do this, set your retention rules as retention labels and identify for each label the SharePoint sites for which it is also relevant. As a result, most SharePoint sites have only a small number of retention labels available to manage content. While creating a new library or folder, the library / folder can be configured to apply one of these retention labels to all content stored inside it (see here).
It's important to ignore Microsoft's moving of retention tags so that end users can flag individual items in SharePoint. An end user has no incentive to set a retention period for a single document. In general, it is not recommended that end users be asked to do something that you know they will not do. In the SharePoint environment you should either: