Hi HoffCM,
Thanks for your efforts on our products.
I would like to recommend retention policies and retention labels for you in Microsoft 365.
With these two retention actions, you can configure retention settings for the following outcomes:
- Retain-only: Retain content forever or for a specified period of time.
- Delete-only: Permanently delete content after a specified period of time.
- Retain and then delete: Retain the content for a specified period of time and then permanently delete it.
Once you create a label and published it, we will be able to see this label on the SharePoint site and you can choose to apply this label. You can also mark the items as a record so that only admins for the container can manually change or remove retention labels that mark items as a record.
However, about the other requirements, I am sorry to convey that I didn't find a way to use the digital signature in policy, however, you may check the Data Loss Preservation policy (DLP) to achieve your requirement.
In Microsoft 365, you implement data loss prevention by defining and applying DLP policies. With a DLP policy, you can identify, monitor, and automatically protect sensitive items across:
- Microsoft 365 services such as Teams, Exchange, SharePoint, and OneDrive
- Office applications such as Word, Excel, and PowerPoint
- Windows 10 endpoints
- non-Microsoft cloud apps
- on-premises file shares and on-premises SharePoint.
You can select the specific file type in a specific SharePoint site to apply to this policy. DLP can detect certain keywords to the matching patterns. For example, a VISA credit card number has 16 digits. All DLP monitored activities are recorded to the Microsoft 365 Audit log by default and routed to Activity explorer.
Here is the related article for you:
Learn about data loss prevention - Microsoft 365 Compliance | Microsoft Docs
Create, test, and tune a DLP policy - Microsoft 365 Compliance | Microsoft Docs
Hope it could help.
Best Regards,
Ivy