Get started with data lifecycle management
Ready to start managing the lifecycle of your organization's data by retaining the content that you need to keep, and deleting the content that you don't? To get started, use the following guidance for Microsoft Purview Data Lifecycle Management (formerly Microsoft Information Governance):
Understand how retention and deletion works in Microsoft 365, and then identify the workloads that need a retention policy and whether you need to create retention labels for exceptions: Learn about retention
Note
If you need to manage high-value items for business, legal, or regulatory record-keeping requirements: Use retention labels with records management rather than data lifecycle management.
Create retention policies for the workloads you identified, specifying retention settings and actions that are required by your organization policies or industry regulations: Create retention policies
If needed, create and apply retention labels for your exceptions.
Enable mailbox archiving to provide users with additional mailbox storage space: Enable archive mailboxes in Microsoft 365
If required to support archive mailboxes:
Enable auto-expanding archiving for mailboxes that need more than 100 GB storage.
Use retention tags with a retention policy from messaging records management (MRM) if you need to customize how emails are automatically moved from a user's primary mailbox to their archive mailbox, or if you need to specify retention and deletion settings for specific folders rather than the whole mailbox.
Understand and manage inactive mailboxes that retain mailbox content after employees leave the organization: Learn about inactive mailboxes
If you have PST files that contain data you want to govern: Import PST files to online mailboxes by using network upload or drive shipping: Learn about importing your organization's PST files
Tip
If you're not an E5 customer, use the 90-day Microsoft Purview solutions trial to explore how additional Purview capabilities can help your organization manage data security and compliance needs. Start now at the Microsoft Purview trials hub. Learn details about signing up and trial terms.
Subscription and licensing requirements
A number of different subscriptions support data lifecycle management capabilities.
To see the options for licensing your users to benefit from Microsoft Purview features, see the Microsoft 365 licensing guidance for security & compliance. For the features listed on this page, see the Microsoft Purview Data Lifecycle Management & Microsoft Purview Records Management section for feature-level licensing requirements.
Permissions
Important
Microsoft recommends that you use roles with the fewest permissions. Minimizing the number of users with the Global Administrator role helps improve security for your organization. Learn more about Microsoft Purview roles and permissions.
See the following section for information about roles and role groups to manage Microsoft 365 retention.
For permissions to manage mailboxes for archiving, inactive mailboxes, and import, these typically require Exchange permissions, such as the Mail Recipients role. By default, this role is assigned to the Recipient Management and Organization Management role groups. For the exact permissions requirement for each management task, see the documentation that accompanies the admin instructions.
Permissions for retention policies and retention labels
Members of your compliance team who will create and manage retention policies and retention labels need permissions to the Microsoft Purview portal or the Microsoft Purview compliance portal. To grant permissions for this limited administration, we recommend that you add users to the Compliance Administrator admin role group.
Alternatively to using this default role, you can create a new role group and add the Retention Management role to this group. For a read-only role, use View-Only Retention Management.
For instructions to add users to the default roles or create your own role groups, use the following guidance, depending on the portal you're using:
These permissions are required only to create, configure, and apply retention policies and retention labels. The person configuring these policies and labels doesn't require access to the content.
Support for administrative units
Data lifecycle management supports administrative units that have been configured in Microsoft Entra ID:
You can assign administrative units to members of custom role groups and any others that support administrative units. For example, role groups used with Microsoft Purview Records Management. Edit these role groups and select individual members, and then the Assign admin units option to select administrative units from Microsoft Entra ID. These administrators are now restricted to managing just the users in those administrative units.
You can define the initial scope of retention policies and retention label policies when you create or edit these policies. When you select administrative units, only the users in those administrative units will be eligible for the policy.
Important
Don't select administrative units for a policy that you want to apply to SharePoint sites or to Exchange public folders. Because administrative units support only users and groups, if you configure policy for retention to use administrative units, you won't be able to select the locations for SharePoint sites or Exchange public folders.
Both adaptive scopes and static scopes support administrative units.
Additional impact for restricted administrators
- Policy lookup: Restricted administrators will see policies only from users within their assigned administrative units
- Import PST files: Restricted administrators won't be able to use the network upload feature to bulk-import PST files to Microsoft 365 mailboxes
- Exchange legacy features: Restricted administrators won't be able to configure the Exchange legacy features of retention policies and retention tags from messaging records management (MRM), and journaling rules
Currently, retention labels don't support administrative units.
Currently, a restricted administrator can create and view adaptive scopes for all administrative units when they use PowerShell cmdlets.
Currently, inactive mailboxes aren't supported in a policy when you select one or more administrative units. To include inactive mailboxes in the policy, you must be an unrestricted administrator and select Full directory.
For more information about how Microsoft Purview supports administrative units, see Administrative units.
Common scenarios
Use the following table to help you map your business requirements to the most common scenarios for data lifecycle management.
I want to ... | Documentation |
---|---|
Efficiently retain or delete data for Microsoft 365 services and Copilot interactions: - Exchange - SharePoint - OneDrive - Microsoft 365 Groups - Teams - Copilot and AI apps - Viva Engage - Skype for Business |
Create and configure retention policies |
Automatically retain content that's deleted by users who have been identified as having an elevated risk level | Dynamically mitigate the risk of accidental or malicious deletes |
Provide users with additional mailbox storage | Enable archive mailboxes in Microsoft 365 |
Retain mailbox data after employees leave the organization | Create and manage inactive mailboxes |
Upload mailbox data from PST files | Use network upload to import PST files |
For scenarios that require data management of individual items, see the common scenarios for records management.
End-user documentation
See the following section for information about end-user documentation to support Microsoft 365 retention.
The data lifecycle management capabilities for inactive mailboxes and import of PST files don't require end-user documentation because these are admin operations only. To help users understand and interact with their archive mailboxes in Outlook after you've enabled this capability, see Manage email storage with online archive mailboxes.
End-user documentation for retention and deletion
Most retention policies work unobtrusively in the background without user interaction, and so need little documentation for users. Retention policies for Teams inform users when their messages have been deleted with a link to Teams messages about retention policies.
However, if you supplement retention policies with retention labels, these labels do have a UI presence in Microsoft 365 apps. Before you deploy these labels to your production network, make sure you provide information and instructions for end users and your help desk. To help users apply retention labels in SharePoint and OneDrive, see Apply retention labels to files in SharePoint or OneDrive.
The most effective end-user documentation will always be customized guidance and instructions you provide for the retention label names and configurations you choose. See the following page and downloads that you can use to help train your users: End User Training for Retention Labels.