Part III: Records and Information Management & Information Governance
John P. Collins, JD, Director-Information Governance Solutions
John Holliday, JD, Principal, Holliday & Associates
Office 365 for the Information Governance and eDiscovery Practitioner
Part I: The Fundamentals of Office 365
• When: Tuesday, October 6 at 1:00 PM Eastern Time
What is Office 365? It’s not just email in the cloud, but rather an entire ecosystem of applications, tools, and content. This webinar breaks it all down.
• The Office 365 plans available—and why this is important
• The primary system components (Exchange, SharePoint, and Skype for Business)
• Types of data and ESI likely to reside in Office 365
• Overview of the Information Governance and eDiscovery features built into the platform
Three-Part Webinar Series: Office 365 for the Information Governance and eDiscovery Practitioner
Part II: eDiscovery Deep Dive
• When: Tuesday, October 27 at 1:00 PM Eastern Time
Can you address some, all, or none of your eDiscovery requirements and needs using the built-in eDiscovery features of Office 365? This webinar will help organizations answer this question.
• Review of type of ESI available for discovery from Office 365
• eDiscovery Center explained: where much of the eDiscovery activity takes place
• Exchange (email) only eDiscovery
• Office 365 Compliance Center
• Pros and cons of built-in eDiscovery features
• Guest Speaker: Craig Ball
Part III: Information Governance and RIM
• When: Tuesday, December 1 at 1:00 PM Eastern Time
Office 365 provides several different approaches to the retention and disposition of data—including full records management capabilities via SharePoint. This webinar will provide an overview of the various options and approaches to managing data residing in Office 365.
• Options for records management in SharePoint and Exchange
• Security and compliance features
– Data loss prevention (DLP)
– Mobile device management (MDM)
– Information Rights Management (IRM)
– Encryption
– Auditing
• Guest Speaker: John Holliday
Recordings Available! http://dtiglobal.com/news-events/events
Housekeeping
• Today’s webinar is being recorded and will be available for download within 1-2 days
• If you experience technical problems, please call 888-447-1119 and press “2”
• To make comments or ask questions, type them using your keyboard via the “Chat” function
Guest Speaker
• John F. Holliday, JD
– Principal, Holliday & Associates
– Information Risk Management Consulting

John F. Holliday, J.D. is a 5-year veteran of the Microsoft Most Valued Professional (MVP) program for the Office SharePoint Server product line. John has a broad range of professional software development and consulting experience spanning more than 30 years, most of it focused on content analytics, document automation, enterprise content management and related systems.

John is a regular speaker at SharePoint conferences, has authored or co-authored several popular SharePoint development books, and is the founder of the SharePoint Developer Network (www.spdevnet.com), an international network of professional SharePoint developers with over 5000 members worldwide.

In addition to his professional career, John is actively engaged in humanitarian activities through Works of Wonder International (www.worksofwonder.org), a non-profit he founded in 2002, and the International Association for Human Values (www.iahv.org), an international service organization devoted to uplifting human values throughout the world.
Contact Information
• John P. Collins, JD
– Director, Information Governance Solutions

John Collins, J.D., DTI’s Director of Information Governance Solutions, has extensive experience in assisting clients with a full range of information governance services, including data mapping, litigation and electronic discovery readiness, and the development of records and e-mail management and retention policies. As a technology manager for Thomson West (now Thomson Reuters), John managed a team of technology consultants providing technology solutions and installation and integration services to law firm and corporate legal departments throughout the Midwest. As Vice President for Consulting at The Ingersoll Firm, John worked with IT staff at a number of Fortune 1000 companies on data mapping and eDiscovery readiness engagements. He has also published a number of articles and conducted numerous seminars, webinars and CLE programs on information governance and litigation readiness topics. John is a graduate of Nazareth College and the Concord Law School.
Agenda
• Fundamental components of Office 365 from a RIM/IG perspective
• RIM & IG features in Office 365: retention and disposition
– Exchange specific
– SharePoint specific
• SharePoint Records Center
• RIM & IG features in Office 365: information security
– Data Loss Prevention (DLP)
– Encryption
– Information Rights Management (IRM)
• Additional RIM & IG features in Office 365
– Mobile Device Management
– Auditing
• The Compliance Center
Fundamental components of Office 365
Four Fundamental Components

• Collaboration (Team Site)
• Intranet/Portal
• Blog, Wiki
• File Storage (OneDrive for Business, Video Portal, etc.)
• Application development
• Enterprise Content Management (ECM)
• Public web site

• E-mail
• Unified Messaging (voice mail)
• Contacts
• Shared Calendar
• Tasks
• Notes
• Journal
• Exchange Public Folders

• Instant Messaging
• “Presence”
• Skype to Skype (VoIP) calls (audio and/or video)
• Online meetings

Microsoft Office Professional
• Word
• Excel
• PowerPoint
• Outlook
• OneNote
• Access
• Publisher
Information Governance features in Office 365
• Retention & Disposition
– In-Place Archive (Exchange)
– Document deletion policies (SharePoint)
– Information Management Policies (SharePoint)
– Messaging Records Management (MRM) (Exchange)
– Records Management (SharePoint Records Center) (SharePoint)
– Site Closure Policies (SharePoint)
• Information Security
– Data Loss Prevention (Exchange)
– Encryption (Exchange)
– Information Rights Management (IRM) (Exchange, SharePoint)
• Auditing (All Office 365 components)
• Mobile Device Management (MDM) (Exchange)
• Transport Rules (Exchange)
• eDiscovery (not covered in today’s webinar)
NOTE: terminology used by Microsoft for IG and E-Discovery related features is “Security and Compliance”
[Diagram labels: Delete, Discover, Encrypt, Archive, DLP, Preserve, Audit]
IG features in Office 365: Retention & Disposition
IG features in Office 365: In-Place Archive (Exchange)
• NOT the type of archiving available from dedicated archiving tools such as Enterprise Vault, SourceOne, Proofpoint, etc.
• Essential purpose is additional storage capacity for email—to replace PST (personal archives)
• Emails can be moved into the archive via several methods:
– Move or copy manually by user (from mailbox or a PST file)
– Inbox rules
– Retention policy (NOTE: there is a default policy applied to each mailbox which makes use of the archive mailbox)
• Archive mailbox currently not accessible via mobile device clients
• Is encompassed in legal hold and eDiscovery functions of Office 365
• Default setting is OFF
[Screenshot labels: The user’s primary mailbox; The user’s archive mailbox]
IG features in Office 365: Messaging Records Management (MRM) (Exchange)
• Email management framework
• Employs a “tagging” paradigm
• Tags get applied to:
– Entire mailbox OR a folder OR an individual message/item
• Multiple tags can be created, for example:
– 1 year (delete all items after one year)
– 5 year (retain item or items in folder for 5 years)
– Archive (move Inbox items to archive mailbox after 6 months)
• Policies:
– Each user is automatically assigned to the “Default MRM Policy”
– Can aggregate tags into distinct policies (Executive Policy, VP Policy, Legal Dept. Policy, etc.)
• Legal hold suspends deletion
https://technet.microsoft.com/EN-US/library/dd297955(v=exchg.150).aspx
Setting up MRM: 1) Create tags
• Actions by tags:
– Delete and allow recovery
– Permanently delete
– Move to archive
• After ______ # of days
• Tags for:
– Entire mailbox
– Default folders
– Custom folders
– Individual items
Setting up MRM: 2) Create policies
[Screenshot labels: Policies created; Tags included in policy]
Setting up MRM: 3) Assign policies to users
• An organization can create as many policies as are needed to achieve requirements
• Policies can be assigned to one or more mailboxes
Example email retention policy
Folder or Tag                                      Retention Policy
Inbox, Sent Items, Drafts, Conversation History    Deleted after 180 days
Deleted Items                                      Deleted after 30 days
Working Docs                                       Working Docs-2 year retention
Record Tag                                         E-mail records-10 year retention
Contacts, To Do, Notes                             Indefinite
Voice Mails                                        Deleted after 14 days
Default MRM Policy
https://technet.microsoft.com/EN-US/library/dn775046(v=exchg.150).aspx
IG features in Office 365: Site Closure Policies (SharePoint)
• Close and/or delete SharePoint sites automatically
– Trigger can be site creation or close date
• Can make closed sites read-only
• Can create a notification workflow for closure and deletion
– Permits postponement of closure/deletion
• Especially important to consider using in environments with self-service site creation
IG features in Office 365: Document Deletion Policies (SharePoint)
• A policy framework for SharePoint
– Applies to site collection templates, site collections, sites, OneDrive for Business
• Broad policies—not a records management oriented approach
– Keep for X number of years then delete
• Use of policy can be configured as mandatory or optional
• Multiple policies depending on need:
– One policy for OneDrive for Business
– Different policy for internal team sites
– Different policy for extranets
• Overrides other policy mechanisms (content types, information management policies, etc.)
• Only applies to document libraries (NOT lists)
• Legal hold suspends deletion
IG features in Office 365: Information Management Policies (SharePoint)
• Framework for:
– Retaining, deleting, archiving, dispositioning content
– Initiating workflows, approvals, and other processes relating to content
– “Labeling” content
– Auditing actions taken on content
• Can be applied at multiple levels
– Site collection
– Content type
– List
– Library
– Folder
• Implementation requires planning, training, careful thought
SharePoint Records Center
IG features in Office 365: SharePoint Records Management (SharePoint)
• Records Center:
– Available via Enterprise template gallery
• Built-in features
– “Record Library”
  • Pre-configured to protect records
– “Drop Off Library”
  • Receives incoming documents
– Content Organizer
  • Pre/Post Classification
  • Advanced Document Routing
IG features in Office 365: SharePoint Records Management (SharePoint)
• Content Organizer:
– Available on ANY site (not just Records Center)
• Useful for…
– Moving documents according to…
  • Content Type
  • Metadata Values
• Configuration Steps
– 1) Identify Content Types
– 2) Create Record Libraries
  • Add content types
  • Create folder structure
– 3) Define Rules
IG features in Office 365: SharePoint Records Management (SharePoint)
• Drop Off Library:
– Receives incoming documents
• Useful for…
– Deferring record classification
  • “Pipelining”
– Identifying incorrect routing rules
– Delegating RM responsibilities
IG features in Office 365: SharePoint Records Management (SharePoint)
• 3 main areas of concern:
– Classification Strategy
– Retention Mechanism
– Disposition Rules
• Classify by…
– Content Type
– Document Metadata
– Managed Metadata
– Document Location
• Keep or retain using…
– Site Closure Policy
– Content Type Policy
– Library/Folder Policy
• Interpret ‘disposition’ as…
– Archive and store offline
– Delete permanently
– Execute a workflow
– Transfer to external system

Classification
• Content Type / Tag / MMS
• Library / Folder
Retention
• Site Closure Policy
• Information Policy
Disposition
• Delete / Keep
• Transfer / Workflow
IG features in Office 365: SharePoint Records Management (SharePoint)
• Classification:
– Consider third party application support
  • Manual classification
  • Automatic classification
  • Content lifecycle management
Tools: ConceptSearching, Collabware CLM
• Classification requires 3rd party support
– Proper classification is key to success
– Manual declaration is unrealistic in practice
• Classification rules may change
– Classification/Retention rules may change
– File Plan development is a collaborative exercise
– Rules may apply to multiple SharePoint farms
• Documents may need reclassification
– Complex workflows involving the same document
– Multiple groups accessing the same set of documents
• Documents may be classified in groups
– Projects involving many documents of different types
[Diagram labels: Classification (Tag, Metadata Type, Location); Retention (Site Closure, Retention by Type, Retention by Location); Disposition (Archive, Delete, Transfer, Workflow)]
IG features in Office 365: SharePoint Records Management (SharePoint)
• Managed Metadata:
– Key to making RM work in SharePoint
• Decouples Documents from Tags
– Proper classification is key to success
– Manual declaration is unrealistic in practice
– ConceptSearching is a popular choice
• Enables Add-On Tools to…
– Generate tags from document content
– Examine tags to configure SharePoint
– Associate tags with business/compliance rules
• Enables SharePoint to…
– Centralize management of tag hierarchies
– Associate tags with many documents
IG features in Office 365: SharePoint Records Management (SharePoint)
• Retention:
– Mechanism follows classification strategy
  • Content Type Information Policy (Retention)
  • Library/Folder Information Policy (Retention)
TIP: Proper configuration is the key
• Supports 2 Document States
– Records (Explicitly Declared)
– Non-Records
• Retention Policy Configuration
– Rules are defined in “stages”
– Stages must be managed carefully
  • Watch for conflicting “events”
  • Test and re-test when modified
• Limitations in Office 365
– No “custom” retention formulas
– No “custom” disposition actions
IG features in Office 365: SharePoint Records Management (SharePoint)
• Disposition:
– Extends the meaning of “retention”
• Supports Multiple Actions
– Move to Recycle Bin
– Permanently Delete
– Transfer to different site (or externally)
– Start a Workflow
– Skip to Next Stage
– Declare Record
– Delete Drafts
– Delete Previous Versions
• Limitations
– Can’t start workflow at Site Collection level
Confidential—Not For Distribution
IG features in Office 365: Information Security
IG features in Office 365: Data Loss Prevention (DLP)
• DLP policies contain sets of conditions which filter messages and attachments
• DLP policies employ:
– Rules: for example, if a sequence of numbers such as 123-12-1234 appears
– Actions: if 123-12-1234 appears, do not send the message
– Exceptions: it’s OK to send the message if the sender is John Doe
• Target PII, PHI, credit card numbers, social security numbers, driver’s license numbers, etc.
• Use out of the box templates, create custom rules, or import rules created by 3rd parties
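The rule / action / exception structure described on this slide, as an added example (not part of the original slides and not Microsoft's implementation): a small Python model that scans a message body and attachment text, applies the action, and honours a sender exception. The names `Rule`, `Message`, `evaluate`, the example.com addresses and the sample messages are assumptions constructed for illustration; the Luhn checksum and SSN range checks go beyond the slide's simple pattern match to show how false positives are reduced.

```python
import re
from dataclasses import dataclass, field
from typing import Callable

SSN_RE = re.compile(r"\b(\d{3})-(\d{2})-(\d{4})\b")
CARD_RE = re.compile(r"\b\d(?:[ -]?\d){12,15}\b")   # 13-16 digits
SEVERITY = {"deliver": 0, "notify": 1, "block": 2}

def find_ssns(text):
    """Rule: NNN-NN-NNNN, minus ranges that are never issued."""
    hits = []
    for m in SSN_RE.finditer(text):
        area, group, serial = m.groups()
        if area in ("000", "666") or area[0] == "9" or group == "00" or serial == "0000":
            continue
        hits.append(m.group(0))
    return hits

def luhn_ok(digits):
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch) * (2 if i % 2 else 1)
        total += d - 9 if d > 9 else d
    return total % 10 == 0

def find_cards(text):
    """Rule: 13-16 digit runs that also pass the Luhn checksum."""
    return [m.group(0) for m in CARD_RE.finditer(text)
            if luhn_ok(re.sub(r"\D", "", m.group(0)))]

@dataclass
class Rule:
    name: str
    detector: Callable[[str], list]
    action: str                                       # "notify" or "block"
    exempt_senders: set = field(default_factory=set)  # the exception list

@dataclass
class Message:
    sender: str
    body: str
    attachments: list = field(default_factory=list)   # extracted attachment text

def evaluate(policy, msg):
    """Return (verdict, findings); findings hold counts, never the matched data."""
    verdict, findings = "deliver", []
    for part in [msg.body, *msg.attachments]:
        for rule in policy:
            count = len(rule.detector(part))
            if count == 0:
                continue
            exempt = msg.sender.lower() in rule.exempt_senders
            findings.append((rule.name, "exception" if exempt else rule.action, count))
            if not exempt and SEVERITY[rule.action] > SEVERITY[verdict]:
                verdict = rule.action
    return verdict, findings

# Hypothetical policy and constructed sample messages.
POLICY = [
    Rule("ssn", find_ssns, "block", exempt_senders={"john.doe@example.com"}),
    Rule("card", find_cards, "notify"),
]
SAMPLES = [
    Message("alice@example.com", "Employee SSN is 123-12-1234."),
    Message("John.Doe@example.com", "Employee SSN is 123-12-1234."),
    Message("alice@example.com", "See attached.", ["Card 4111 1111 1111 1111"]),
    Message("alice@example.com", "Order ref 1234 5678 9012 3456"),
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample.sender, evaluate(POLICY, sample))
```

Exempted matches are still recorded in the findings, so exceptions remain visible to whoever reviews the policy's audit trail.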
IG features in Office 365: Encryption
• Multiple options available to implement a program to encrypt sensitive information in email
• Office Message Encryption (OME)
– Works with internal and external recipients
– No special software required by recipients (don’t have to be on Office 365)
• Secure/Multipurpose Internet Mail Extensions (S/MIME)
– Uses certificates in a private-public key framework
– Includes digital signature
IG features in Office 365: Information Rights Management (IRM)
• Encrypts files and limits programs and users who are allowed to decrypt
• Limits what users can do:
– Email: who can access, forward, print, or copy sensitive data
– SharePoint: limit actions users can take on files such as read-only (can’t edit), copying and printing
• Can be configured to be in effect for set period of time (expiration)
• Email rules:
– Can configure rules to apply IRM to certain messages (for example, messages containing word “confidential”)
Additional IG features in Office 365
IG features in Office 365: Mobile Device Management
• More robust option than Exchange Active Sync (EAS); if EAS is enabled, it is superseded by MDM
• Manage iPhones, iPads, Androids, and Windows Phones (NOTE: Blackberry has a specific service offering through Microsoft)
– Requires Office 365 license
• Users can still access SharePoint and Outlook Web App via browser (MDM does not control)
• Allows for selective wipe!
IG features in Office 365: Auditing
• Tracks changes made by BOTH Microsoft and subscriber
• Audit reports can be viewed and downloaded
• Audit data available for 90 days (longer in some instances—this is a moving target)
• Reports include:
– Litigation holds & E-Discovery searches
– Mailbox access by non-owners (delegates)
• Admin activity (admin audit logging) in Exchange Online
• Access to mailboxes (mailbox audit logging) in Exchange Online
• User activity in SharePoint Online and OneDrive for Business
• Admin activity in SharePoint Online and OneDrive for Business
• Admin activity in Azure Active Directory (the directory service for Office 365)
• User sign-in activity in Azure Active Directory
• 3rd party audit tools more robust (API available)
• Compliance Center reporting in deployment (provides additional reports)
The Compliance Center
Compliance Center
• Introduced January 2015
• Future primary location of Office 365 E-Discovery features
• Objective is to bring together compliance related features in a single console (E-Discovery, MDM, retention, auditing, etc.)
• Currently has a mix of unique and duplicate features
– Unique:
  • Can search across ALL mailboxes and SharePoint sites in a single search
– Duplicate
  • E-Discovery link redirects to the SharePoint E-Discovery Center
• Limitations: some features are not fully baked
– Example: search does not have an export or legal hold function (executing these functions requires use of PowerShell)
https://technet.microsoft.com/EN-US/library/dn876574.aspx
DTI Information Governance Services
Consulting
• Records and Information Management (RIM)
– Assessments
– Policies and schedules
– Program implementation
• eDiscovery and Litigation Readiness
– Assessments
– ESI data mapping
– Process design and implementation

Technology Services
• Defensible disposition and deletion
– Categorization
– Repository/application retirement
– Content audit
– File share and SharePoint cleanup
• Email and archive migration
– Archive retirement
– Migrate email to cloud
– PST consolidation
– Legal hold repository
• Sensitive Data Retrieval/Remediation
– Targeted identification of PHI, HIPAA, PCI, IP, and other sensitive and critical data types
  • Delete
  • Copy/Move
  • Audit

Office 365 Consulting, Training, and Implementation
• Office 365 Readiness and Strategy
– eDiscovery best practices and workflows
• Office 365 eDiscovery Outsourcing
– DTI operates eDiscovery features and functions
• Office 365 Email Management and OneDrive for Business Planning
• Legal Hold Process and Planning
• Training
– ½ Day and Full Day Workshops for law firms and corporations
Contact Information
• John F. Holliday, JD
– Principal, Holliday & Associates
– Information Risk Management Consulting
– Phone: 404-542-4637
– Email: [email protected]
– Web: www.holliday.associates
Contact Information
• John P. Collins, JD
– Director, Information Governance Solutions
– Phone: 815-529-9851
– Email: [email protected]