Upload
juntarou-doi
View
203
Download
0
Tags:
Embed Size (px)
DESCRIPTION
office365- discovery and compliance
Citation preview
Version 2.0 for Office 365 Wave 15
Day 1Administering Office 365
Day 2Administering Exchange Online
Office 365 Overview & Infrastructure Administering Lync Online
Office 365 User Management Administering SharePoint Online
Office 365 DirSync, Single Sign-On & ADFS Exchange Online Basic Management
MEAL BREAK
Exchange Online Deployment & Migration
Exchange Online FOPE
Exchange Online Archiving & Compliance
• Overview• User Experience• Retention & Hold Policies• eDiscovery
Discovery• Respond to strict timelines for legal discovery orders• Reduce costs involved in searching for and retrieving
email data• Report on email communications as part of auditing
procedures
Data Retention• Meet industry and regulatory email data retention
requirements• Support ongoing compliance, litigation, or personnel
matters• Preserve valuable intellectual property and corporate
assets
Storage Management• Balance mailbox size demands with available storage
resources• Reduce the proliferation of .PST files stored outside of IT
control• Improve overall application and network performance
Preserve
Secondary mailbox with separate quota
Managed through Exchange Administrative Center or PowerShell
Available on-premises, online, or through Exchange Online Archiving
In-Place Archive
Automated and time-based criteria
Set policies at item or folder level
Expiry date shown in email message
Governance
Capture deleted and edited email messages
Time-based In-Place Hold
Granular query-based In-Place Hold
Optional notification
Web-based eDiscovery Center and multi-mailbox search
Search primary, In-Place Archive, and recoverable items
Delegate through role-based admin
De-duplication after discovery
Auditing to ensure that controls are met
Hold eDiscovery
* Requires Exchange Server 2010 SP1 on-premises* Requires Exchange Server 2010 SP1 on-premises
• Overview• User Experience• Retention & Hold Policies• eDiscovery
End User Experience Personal archive provides a PST-like experience Accessible on Outlook and OWA No Outlook restart – auto discovers archive Mail automatically moved to the archive through admin policy
IT Pro Experience Same mailbox management experience across the primary and the archive Archive must have a primary mailbox Similar management experience across On-Premises and Cloud
Specialized Exchange mailbox configured and associated with the user’s primary mailbox
Delivers users familiar experience by seamlessly surfacing in both Outlook and Outlook Web App
Use same skills/methods already used to interact with archive email “Drag-and-drop” email to folders Create folders and categorize Conduct searches and filter results Reply to messages and set flags
Exchange Online archive is only accessible online Via Outlook and/or OWA
No additional client access configuration required Always point clients to primary mailbox CAS location
Primary + Archive in the cloud Setup tenant Provision archives
Standalone Archive Setup tenant Setup Rich Co-Existence between on-prem and tenant Provision archives
Enable or modify quickly
• Overview• User Experience• Retention & Hold Policies• eDiscovery
Set policies allowing you to define, deploy, and automate the expiry and archiving of email
Retention Tags Name, Action, Time period Admin mandated or User applied
All Items in Inbox are deleted in 3 years Items and Folders may have a 2 year Archive
Policy
Retention Policies Retention tags Policies span to groups of users like
‘Accounting’ User has one policy and many tags applied
Use the defaults or create new for special projects/roles (e.g., HR)
IT provisioned policiesIT provisioned policies
Delete PolicyDelete Policy
Archive PolicyArchive Policy
Compliance management is a spectrum Full IT Admin control to no IT control (End user tool)
Managed folders (Exchange 2007) Addresses only one end of the spectrum Very little end user flexibility
Message Retention (Exchange 2010/2013) Addresses both ends on the spectrum
Framework for IT admins to associate policy with mailboxes and system folders
Framework for end users to optionally associate policy with their folders and mail items
Retention policies managed separately for on-premises and the cloud Except when only archive in the cloud
• Overview• User Experience• Retention & Hold Policies• eDiscovery
Preserve items for recovery and discovery for a finite or indefinite period of time without impacting end user experience
Preserve items for recovery and discovery for a finite or indefinite period of time without impacting end user experience
Manage Litigation
Hold
Manage Litigation
Hold
Enable the hold policy from the
mailbox settings page
Enable the hold policy from the
mailbox settings page
Comment and URL tell the user how to comply
Comment and URL tell the user how to comply
End user is told how to comply (no action needed for
email)
End user is told how to comply (no action needed for
email)
URL links to additional infoURL links to
additional info
Using this new model, In-Place Hold allows you to create granular hold policies to preserve mailbox items in the following scenarios: Indefinite hold - The indefinite hold scenario is similar to litigation hold in Exchange 2010. It’s intended to
preserve mailbox items so you can meet eDiscovery requirements. During the period of litigation or investigation, items are never deleted
Query-based hold - If your organization preserves items based on specified query parameters, you can use a query-based In-Place Hold. You can specify query parameters such as keywords, start and end dates, sender and recipient addresses, and message types. After you create a query-based In-Place Hold, all existing and future mailbox items (including messages received at a later date) that match the query parameters are preserved.
Time-based hold - allows you to specify a duration of time for which to hold items. The duration is calculated from the date a mailbox item is received or created.
You can use In-Place Hold to place a user on multiple holds. When a user is placed on multiple holds, search parameters of all In-Place Holds are applied together (using an OR operator).
In-Place Hold is a premium feature that requires an Exchange Online Plan 2 or Exchange Online Archiving license to enable it for each user mailbox.
Authorized users that have been added to the Discovery Management role-based access control (RBAC) role group or assigned the Legal Hold and Mailbox Search management roles can place mailbox users on In-Place Hold
Click New +to open the in-place eDiscvery & hold
dialog
Click New +to open the in-place eDiscvery & hold
dialog
Fixed Retention: The ability to preserve user data for a rolling window of time that overrides user actions
Can be achieved using Single Item Recovery (SIR) SIR captures all edits and stores them for the specified time
period
> Set-Mailbox -Identity bobk -SingleItemRecoveryEnabled $true
> Set-Mailbox -Identity bobk -SingleItemRecoveryEnabled $true
Off by default on-premises On by default in datacenter
With default period of 14 days Extend beyond 14 days via Service Request Not recommended beyond 1 year retention
Goals and AssumptionsPerforms distributed search across end user mailboxes located on multiple serversSearch is throttled and parallelizedResults are copied to discovery mailbox after searchAdmins by default do not have access to search all mailboxes, specific RBAC Discovery Role is requiredSingle discovery experience across premise and cloud