Compare capabilities in retention policies and retention labels
The following table can help organizations identify whether to use a retention policy or retention label, based on capabilities.
Capability | Retention policy | Retention label |
---|---|---|
Retention settings that can retain and then delete, retain-only, or delete-only. | Yes | Yes |
Workloads supported: - Exchange - SharePoint - OneDrive - Microsoft 365 groups - Skype for Business - Teams - Yammer |
Yes Yes Yes Yes Yes Yes Yes |
Yes, except public folders Yes Yes Yes No No No |
Retention applied automatically. | Yes | Yes |
Automatically apply different retention settings at the end of the retention period. | No | Yes |
Retention applied based on conditions: - sensitive info types - KQL queries and keywords - trainable classifiers - cloud attachments |
No | Yes |
Retention applied manually. | No | Yes |
End-user interaction. | No | Yes |
Persists if a user moves the content. | No | Yes, within your Microsoft 365 tenant. |
Declare item as a record. | No | Yes |
Start the retention period when labeled or based on an event. | No | Yes |
Disposition review. | No | Yes |
Proof of disposition for up seven years. | No | Yes, when you use disposition review or you mark an item as a record. |
Audit admin activities. | Yes | Yes |
Audit retention actions. | No | Yes (1) |
Identify items subject to retention: - Content Search - Data classification page, content explorer, activity explorer |
No No |
Yes Yes |
Footnote:
(1) Some retention labels don't mark the content as a record or regulatory record. With these labels, the system limits auditing events to when an item in SharePoint or OneDrive has a label applied, changed, or removed. For auditing details for retention labels, see the upcoming unit that examines auditing retention configuration and actions.
Combining retention policies and retention labels
Organizations don't have to choose between only using retention policies or only using retention labels. You can use both methods together. In fact, when you use them together, they complement each other for a more comprehensive solution.
The following examples are just some of the ways in which you can combine retention policies and retention labels for the same location.
For more information, see the upcoming unit in this training content about how retention policies and retention labels work together. That unit also explains the principles of retention and what takes precedence.
Example for users to override automatic deletion
Scenario: By default, Contoso wants to automatically delete the content in every user's OneDrive account after five years. However, users must be able to override this event for specific documents. Possible solutions include:
- Contoso creates and configures a retention policy that automatically deletes content five years after it's last modified. It then applies the policy to its OneDrive accounts.
- Contoso creates and configures a retention label that keeps content forever. It then adds this retention label to a label policy that it publishes to its OneDrive accounts. Contoso explains to users how to manually apply this label to specific documents. It also explains how to configure this label to exclude these documents from automatic deletion if users didn't modify them for five years.
Example to retain items for a period longer than the default
Scenario: By default, Contoso wants to automatically retain SharePoint items and then delete them after five years. However, it wants to retain documents in specific libraries for 10 years. Possible solutions include:
- Contoso creates and configures a retention policy that automatically retains and then deletes content after five years. It then applies the policy to all SharePoint and Microsoft 365 Groups instances.
- Contoso creates and configures a retention label that automatically retains content for 10 years. It then publishes this label to SharePoint site administrators. By doing so, they can apply it as a default label that all items in specific document libraries inherit.
Example to delete items in a shorter time period
Scenario: By default, Contoso automatically deletes emails after 10 years. However, after one year, Contoso wants to automatically delete emails related to a specific project that has a prerelease code name. Possible solutions include:
- Contoso creates and configures a retention policy that automatically deletes content after 10 years. It then applies the policy to all Exchange recipients.
- Contoso creates and configures a retention label that automatically deletes content after one year. Options for applying this label to relevant emails include:
- Contoso creates an autolabeling policy that identifies content. It does so by using the project code name as the keyword. It then applies the policy to all Exchange recipients.
- Contoso publishes the label and instructs users involved in the project on how to create an automatic rule in Outlook that applies this label.
- Contoso publishes the label and instructs users to create a folder in Outlook for all emails related to the project. The users apply the published label to the folder, and then create an Outlook rule to move all project-related emails to this folder.
How long it takes for retention policies to take effect
When you create and submit a retention policy, it can take up to seven days for the system to apply the retention policy. First, you must distribute the retention policy to the locations that you selected, and then you must apply it to the content.
You can always check the distribution status of the retention policy. To do so, select it from the Retention policies page in the Microsoft Purview compliance portal.
However, if you see (Error) included in the status that appears on the flyout pane, you can use Security and Compliance PowerShell to retry the policy distribution. Security and Compliance PowerShell is the administrative interface that enables you to manage compliance and some security features of your Microsoft 365 organization from the command line (mostly Microsoft Purview risk and compliance features).
For example, you might see a message in the location details that indicates it's taking longer than expected to deploy the policy. If this situation occurs, try running the Set-AppRetentionCompliancePolicy or Set-RetentionCompliancePolicy PowerShell command to retry the policy distribution:
- Connect to Security & Compliance PowerShell.
- Run one of the following commands:
For the policy locations: Teams private channel messages, Yammer user messages,and Yammer community messages:
Set-AppRetentionCompliancePolicy -Identity <policy name> -RetryDistribution
For all other policy locations, such as: Exchange email, SharePoint sites, and Teams channel messages:
Set-RetentionCompliancePolicy -Identity <policy name> -RetryDistribution
How long it takes for retention labels to take effect
It can take up to seven days for the system to apply retention labels when you autoapply retention labels based on:
- Sensitive information
- Keywords
- Searchable properties
- Trainable classifiers
If the expected labels don't appear after seven days, check the Status of the autoapply policy by selecting it from the Label policies page in the Microsoft Purview compliance portal.
However, if the status is Off (Error), you can use PowerShell to retry the policy distribution. For example, you might see a message in the details for the locations that indicates it's taking longer than expected to deploy the policy (for SharePoint) or redeploy the policy (for OneDrive). If this situation occurs, try running the Set-RetentionCompliancePolicy PowerShell command to retry the policy distribution:
Connect to Security & Compliance PowerShell.
Run the following command:
Set-RetentionCompliancePolicy -Identity <policy name> -RetryDistribution
Tip
Often, the policies take effect and users see labels quicker than seven days. But with many potential variables that can affect this process, it's best to plan for the maximum of seven days.