Retention policy vs Litigation hold: A comprehensive comparison


Exchange by Microsoft Office 365 offers its users data loss protection by providing a native form of data holding within the program. There are a lot of methods to store and secure data; however, the most effective forms of data storing come from using retention policies and Litigation holds. They appear to be comparable upon first viewing: these forms of data loss protection can be implemented through the Office 365 Compliance management center and serve a very similar function. However, as you can see in the guide illustrated below, there are significant discrepancies between them.

In the guide below, we will illustrate the key differences and provide some information on each of the two forms of data protection methods. I will also provide more information on how you can set a retention policy and a litigation hold in Office 365. Use the guide below to read through the comparisons; then, you can use the final section to set your preferred means of data protection.

  1. A brief overview of what a retention policy and litigation hold are.
  2. Retention policy vs. Litigation hold – comprehensive table of information.
  3. How to apply a Retention policy and a litigation hold.
    1. How to apply a retention policy.
    2. How to apply a litigation hold.

Above are some of the areas covered in the guide shown below; read through and get a better understanding of what’s required before applying your form of data loss protection if required. The comparison table will help you dictate which form of protection best suits your data.

A brief overview of what a retention policy and litigation hold is

Here is a brief overview of both a retention policy and litigation hold; before you proceed, it helps to understand each of the two protection methods. The overview is handy for those who may not understand what each method may mean.

What is a retention policy?

Retention policies serve two purposes: keeping data-related information safe from unnecessary deletion or even removing items if needed. They can be used to protect an entire company, a set of users, a single mailbox, or even a website. You can utilize advanced settings to keep or remove only the elements that contain the words or phrases you specify. Implementing an organization-wide retention rule will apply to all users, even those who have just been added.

If set, recoverable items such as files or folders or even data scanned emails from mailboxes are protected by retention regulations. There will be no deletion of an item if at least one policy applies to it. Otherwise, objects are purged – removed without a method to retrieve them – after a certain period (by default, 14 days, but it may be raised to 30 days). Beyond this point, items will be deleted with no recovery in place.

What is a litigation hold?

Litigation Hold is one of the features of Exchange Online’s eDiscovery functionality. Putting mailboxes, public folders, or sites (such as OneDrive and SharePoint) on Litigation Hold prohibits users from permanently removing all or selected items. Before the current modifications, litigation hold could only be used to encrypt whole mailboxes. Litigation Hold now allows you to use filters to specify what should be protected and what shouldn’t.

Litigation hold, just like a retention policy, can be used to secure data to prevent data loss that could impact a company if that information is required. Although protected data can be stored indefinitely, incorporating all mailboxes is not recommended because it will save everything, including spam emails, making future searches difficult. Furthermore, removing a hold deletes all erased data permanently. You may save mailboxes locally by exporting them to PST files. You will boost your data security this way; however, you may find this backup technique a little sluggish and problematic.

Retention policy vs. Litigation hold – comprehensive table of information

Below is a table that shows all the information for a comprehensive guide on the differences between a retention policy and a litigation hold. You must keep in mind that the table shown below is only applied to Office 365 and has been tested on an Office plan which includes the necessary compliance and retention programs. Make sure you use an Office plan that includes compliance to make the most use of all the functionalities offered by Office 365.

Retention policyLitigation hold
Can be used to recover deleted itemsYesYes
Available resources are reduced for usersNoNo
Limiting factorsYou can have 1000 specific policies set per-user or 10 set for organizationsSet a hold with a limit of 1000 mailboxes,
Company-wide holds are limited to 10000
Permissions requirementsSecurity & Compliance Center’s Compliance Administrator position groupeDiscovery role required within the compliance manager
New user applicationsAutomatic applications for new usersNeed to be manually added to each user that is new
UsageRecovery is enabled and prevents the deletion of data by a userArchives or deleted items; it also stops users from deleting content
Mailbox deletion preventionYesYes
Apply time limitsSetting time limits enabled by advanced data managementYou can manually turn off holds upon request
Deleted information searchUse eDiscovery searchUse eDiscovery search
What type of license do you requireRetention policies and labels can only be accessed in Microsoft 365’s, E3, and E5 versions.Litigation hold is available in Microsoft 365’s advanced E3 and E5 versions

There isn’t much difference between the two policies. Remember that retention policies will have a more robust protection input on data; however, it is more limited in how many you can set. The litigation hold will have a higher set limit but will be a manual input for all new users that are added. Holds and retention policies can coexist. It is, in reality, a common occurrence for a tandem. It’s worth noting that even if a policy exists that deletes some things, it won’t function on those that have an active hold.

Unless a user attempts to update or remove data after implementing a retention policy, the content will remain unmodified for the set duration. When someone tries to remove content protected by the retention policy, the original data type is transferred to the Recoverable Items folder or the Preservation Hold Library in eDiscovery and secured. The information will be accessible until the end of the chosen retention term you set when creating the policy.

You can manually impose a litigation hold on a restricted number of individuals and data types. However, if it is utilized for any data, it will outperform whatever retention restrictions that have been applied to that data. Once you have lifted the litigation hold, any retention policies you set will take control over data protection duties. You must also remember that data preservation with a Litigation Hold is impossible, so if you have any data erased before a litigation hold, it won’t be safeguarded unless it is already subject to a retention policy.

Key points to define both a Retention policy and a litigation hold

Here are some points that define the characteristics of both a Retention policy and a litigation hold. While the table effectively gives more context, these are some of the main points that will have more of an impact on which method you should apply when it comes to data protection.

  • The retention policy prevents data from being permanently deleted by shifting the original material to the archive. A litigation hold allows you to retrieve data and prevent it from being deleted. 
  • New users can be immediately assigned to a retention policy. Every new user must have a Litigation Hold placed on them. 
  • Litigation Hold begins functioning roughly after an hour, whereas retention policies can take roughly a whole day to begin working. 
  • The data retention policy establishes time limits for maintaining the data. Litigation Hold can be manually turned off and on.

The points illustrated above will give you a brief explanation of the defining factors between a Retention Policy and a Litigation Hold and how they may help you protect and safeguard your data.

How to apply a Retention policy and a litigation hold

In this section, I will show you how you can apply a retention policy and a litigation hold; after reading the content illustrated above, you may have gotten to a point where you now want to set your preferred data protection measures. Here I will talk about how you can apply both methods to help you secure your data. Have a read-through and understand how you can apply a Retention policy and a litigation hold.

How to apply a Retention Policy

Here is a guide on how you can apply a retention policy using the Compliance program in Office 365; the guide includes a step-by-step walkthrough of the processes involved and screenshots to give you a better understanding of each step required to apply a retention policy. Screenshots also help add visual context, giving you some idea of how you can navigate through the UI. As mentioned earlier, you can define a retention policy down to just SharePoint files if necessary.

  • Firstly, open Office 365.
  • From there, use the launcher to navigate over to “Admin.”
  • In the Admin section, click on “Compliance.”
  • Now click on “Data lifecycle management.”
  • From there, click on “Retention policies.”
  • Now click on “New retention policy.”
  • Enter a name, describe your policy, and click on “Next.”
  • Now choose a policy type; this is adaptive to what you need.
  • From there, press “Next.”
  • Now choose your policy locations, then press “Next.”
  • Set a retention period, then click on “Next.”
  • Finally, review your policy and then click on “Submit.”

Any form of replaceable data can be retained using a retention policy. A retention policy with the specifications you set will now have been applied to the specific location chosen. You can set your retention policy for mailboxes and private Teams conversations if required. You can even set a policy to maintain the file even after the given period is complete. However, you need to remember that the policy will no longer affect the content remaining, so after the policy has expired, you may risk losing files or folders if they are not protected. You can also delete the retention policy; this is so that if you made a mistake or no longer have any use for the retention policy, you can remove it.

How to apply a litigation hold

If you are looking for a process on how to apply a litigation hold, use this guide to help you get a better understanding. To apply a litigation hold, you can use the Admin center as it applies the policies on users based on the content. If you have the correct admin permissions, you can apply the permissions to any user you require to have a litigation hold. Use this guide for an in-depth breakdown of the steps required to apply a litigation hold.

  • Firstly, open Office 365.
  • From there, use the launcher to navigate over to “Admin.”
  • From there, click on “Users.”
  • After that, click on “Active users.”
  • Select a user from the list.
  • Now click on “Mail.”
  • After that, click on “Mailbox litigation hold.”
  • Ensure the checkbox for the “Turn on litigation hold” is selected.
  • Then, fill out the information such as the holding duration and visible to user information.
  • Finally, click on “Save changes.”

A litigation hold will be applied once you have completed the steps above; this will set a holding on that user’s information and visibility settings. The procedure is quite simple; as long as you have the correct permissions, you will be able to complete the steps illustrated above.

Conclusion

You now should better understand the differences between a retention policy and a litigation hold in Office 365. The litigation hold has more control over user retention and the content based on specific users, and a retention policy covers everything within the program. You can even set a policy for individual files or folders within the program. However, if you encounter any issues with the content we have provided, drop a comment below, and we will address those issues as quickly as possible.

Recent Posts