Plan for compliance and archiving in Outlook 2010
Applies to: Office 2010
Topic Last Modified: 2011-08-05
The Retention Policy and Personal Archive features of Microsoft Outlook 2010 and Exchange Server 2010 can enable users to comply with mail retention policies, and to have enough space to store their business-critical information. This article will help you plan a deployment of the two features.
Even if your organization does not strictly enforce compliance, the Personal Archive is a great solution to migrate your organization away from personal Microsoft Outlook data files (.pst) or third-party archiving solutions. The Personal Archive enables users to archive their e-mail messages in a managed location for backup, data recovery, and compliance needs.
Archive policies are available only when you use Outlook 2010 as part of Microsoft Office Professional Plus 2010 with an Exchange Server 2010 account, and the Exchange administrator has enabled Personal Archive. For more information, see License requirements for Personal Archive and retention policies (http://go.microsoft.com/fwlink/p/?LinkId=213850).
In this article:
Planning a Retention Policy deployment
Planning a Personal Archive deployment
Planning a Retention Policy deployment
Retention Policy is an effective way to let you enforce e-mail retention policies on messages stored on a server that is running Exchange Server 2010. Additionally, Retention Policy can be used as an aid to help users stay under their mailbox quota. Retention Policy can be applied at the mailbox, folder, and individual e-mail level, and is only supported for e-mail messages. Other message types, such as calendar or tasks items, are not supported with Outlook 2010 and Exchange Server 2010. To enforce Retention Policy, e-mail messages must be stored in a mailbox or personal archive on an Exchange Server computer.
As part of planning a Retention Policy deployment, consider the following key steps:
Work with your company’s legal or compliance department to define policies.
Determine which combination of mailbox, folder, and user policies is appropriate.
Upgrade the users to Retention Policy.
Inform the users about Retention Policy.
For users under investigation, place them on Retention Hold or Legal Hold.
Defining your Retention Policies
Deciding on which Retention Policies have to be available for your organization, departments, and users should be a conversation that you have with your legal or compliance department. Your company might be subject to government or additional regulation that can be enforced by using Retention Policies. Because departments can be under different regulations, you should organize your policies into logical, easy-to-manage groups. Once you understand the policies that your company must follow, you can determine how to best implement those policies.
Personal Tags are the policies that you can give to users to apply to individual messages and folders they have created. When you define the policies that users will follow, we recommend no more than 10 Personal Tags be used. More than that can overwhelm users. Furthermore, in the Assign Policy gallery on the ribbon, Outlook will only show 10 Personal Tags at a time. If a user has to access more than 10 Personal Tags, they can select More Retention Policies in the Assign Policy gallery.
Determining which types of policies to create
Now that you know which groups of users need which Retention Policies, you can determine how you want to implement those policies.
There are three major types of Retention Policies.
Default Policy Tag: This is a policy that is deployed by the Exchange administrator and is applied to all user-created folders and all e-mail messages in a user’s mailbox. This policy cannot be changed by the user. This is the only policy type that guarantees all e-mail messages will have at least one policy applied to them.
Retention Policy Tag: This is a type of policy that can be applied to the following special folders in the user’s mailbox:
Policies on these special folders cannot be changed by the user even if there is no Retention Policy Tag applied to the folder.
Personal Tag: This is a type of policy that will appear in the Retention Policy user interface (UI) for the user to apply to folders that they create and to individual e-mail messages.
Users cannot apply these policies to any of the special folders listed under Retention Policy Tag earlier in this section.
Users can apply these policies to e-mail messages within special folders, but not the folder itself.
Users can apply these policies to their own user-created folders.
Search folders do not support retention policies because they do not contain actual e-mail messages.
For users to set a Retention Policy on a folder or e-mail message, they must be provided with one or more Personal Tags. By default, the Ribbon Assign Policy gallery shows the first 10 policies (Personal Tags) in alphabetical order. This menu list shows the most recently used policies. However, as additional policies are used, they will be displayed in alphabetical order on the ribbon. When a user applies a policy to a folder by using the folder properties dialog box, the full list of available Personal Tags is shown.
The Personal Tags that are created for the user should have names that clearly describe the type of content that requires the policy. For example, if e-mail messages that mention a patent have to be retained for 7 years, create a policy that is titled “Patent Information” and set it for 2,555 days. Outlook will automatically translate the number of days into a human-readable format and append the length after the title. So, in Outlook, the policy will appear as Patent Information (7 years).
You should also add a description of the policy so that users can get more clarification on which e-mail messages are in scope for that Personal Tag. The description should describe in detail the type of content that falls under that policy. For example:
Policy: Patent Information (7 years)
Description: All email messages that are related to a patent.
This is the order in which a policy takes precedence on an e-mail message:
Policy on the e-mail (Personal Tag)
Policy on the folder that contains the e-mail
Policy on the parent of that folder, and the parent folders above
Policy on the mailbox (Default Policy Tag)
For example: A user has a folder named Financial Documents with the Finance (– 3 years) Retention Policy applied to it. One of the e-mail messages in the folder describes finance department policy and resides in the Financial Documents folder for easy reference. The user can mark that e-mail message with a Retention Policy of Reference (– Never) so that the e-mail message is never deleted, even though the folder policy is Finance (– 3 years).
If your organization uses Distribution Lists, a Personal Tag that deletes e-mail messages after 1-4 weeks can help users manage their mailbox quota more easily. Users can create an Outlook rule to automatically apply the policy to e-mail messages or to have messages delivered to a folder that has the policy applied.
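The precedence order above, modelled as an added example (this is not Microsoft's code or an Exchange API). The Tag, Folder and Message classes, the 365-day default tag, the 1,095-day Finance tag, the folder names other than Financial Documents, and the rule that age is counted from the received date are assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import date, timedelta
from typing import Optional, Tuple

@dataclass(frozen=True)
class Tag:
    name: str
    days: Optional[int]  # None models a "Never" tag

@dataclass
class Folder:
    name: str
    parent: Optional["Folder"] = None
    tag: Optional[Tag] = None  # folder policy, if one is set

@dataclass
class Message:
    subject: str
    received: date
    folder: Folder
    tag: Optional[Tag] = None  # Personal Tag applied to the message itself

def effective_tag(msg: Message, default_tag: Optional[Tag]) -> Tuple[Optional[Tag], str]:
    """Resolve the winning tag in the page's order and report its source."""
    if msg.tag is not None:                    # 1. policy on the e-mail
        return msg.tag, "message"
    folder = msg.folder
    while folder is not None:                  # 2-3. folder, then parent folders
        if folder.tag is not None:
            return folder.tag, "folder:" + folder.name
        folder = folder.parent
    if default_tag is not None:                # 4. policy on the mailbox
        return default_tag, "mailbox"
    return None, "none"                        # no Default Policy Tag deployed

def expiry_date(msg: Message, default_tag: Optional[Tag]) -> Optional[date]:
    """Assumption: age is counted in days from the received date."""
    tag, _ = effective_tag(msg, default_tag)
    if tag is None or tag.days is None:
        return None                            # never deleted by policy
    return msg.received + timedelta(days=tag.days)

def report(messages, default_tag):
    """Return (subject, tag name, source, expiry) rows for review."""
    rows = []
    for m in messages:
        tag, source = effective_tag(m, default_tag)
        rows.append((m.subject, tag.name if tag else None, source,
                     expiry_date(m, default_tag)))
    return rows

# Constructed sample mailbox; only the 2,555-day length comes from the page.
DEFAULT_TAG = Tag("Default", 365)
FINANCE = Tag("Finance", 1095)
REFERENCE = Tag("Reference", None)
PATENT = Tag("Patent Information", 2555)

ROOT = Folder("Mailbox")
FIN_DOCS = Folder("Financial Documents", ROOT, FINANCE)
FIN_2010 = Folder("2010 Invoices", FIN_DOCS)   # no own policy: inherits Finance
PROJECTS = Folder("Projects", ROOT)            # no policy on it or above it

RECEIVED = date(2010, 1, 15)
MESSAGES = [
    Message("Invoice 1", RECEIVED, FIN_DOCS),
    Message("Finance department policy", RECEIVED, FIN_DOCS, REFERENCE),
    Message("Invoice 2", RECEIVED, FIN_2010),
    Message("Status update", RECEIVED, PROJECTS),
    Message("Patent filing", RECEIVED, PROJECTS, PATENT),
]
```

Calling report(MESSAGES, DEFAULT_TAG) lists each message with the tag that wins and where it came from; passing None as the default tag shows which messages would have no policy at all.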
Retention policy warm up period and training
Training users on Retention Policy is important to make sure that they know how to use the system correctly, and that they understand when and why their e-mail messages are being deleted. You should make sure that users understand why the data is being retained or destroyed so that they can apply Personal Tags appropriately, and that they know what content will be destroyed after a certain time.
Assign policies to users’ mailboxes and put their mailboxes on Retention Hold. This will prevent any policy from deleting e-mail messages. For more information, see Place a Mailbox on Retention Hold (http://go.microsoft.com/fwlink/p/?LinkId=195158).
Give users instructions on how to use Retention Policy. Explain that during the warm-up period, users must apply policies to folders and messages; otherwise, old messages could be deleted. For more information, see Assign Retention Policy to E-mail Messages (http://go.microsoft.com/fwlink/p/?LinkId=195157).
A few days before the end of the warm-up period, remind users of the warm-up deadline.
At the deadline, remove users from Retention Hold.
Because it can take users some time to adjust to any new system, instituting a warm-up time period to help users ease into working with Retention Policy is very important. Users must be able to apply the correct Personal Tags to the correct folders and get used to the idea of their information being automatically deleted. We recommend that you give users at least 3 months of using Retention Policy with their e-mail before you remove the Retention Hold from users’ mailboxes. This way, users can see and have access to the Retention Policy features before any of their information is destroyed. This makes it easier for users to integrate Retention Policy into their workflow and understand what is occurring to their e-mail messages.
If you do not have a warm-up period, important e-mail messages could be deleted before the user was able to apply a longer policy.
Similarly, during any period in which users will not be monitoring their e-mail messages, such as being away on extended vacation or parental leave, their mailboxes should be put on Retention Hold. This is so that their information is not accidentally deleted. When they return to work and have had enough time to go through their e-mail messages, turn off Retention Hold.
If you use a Default Policy Tag, or Retention Policy Tag on the user’s mailbox or special folders, and the user uses cached mode to connect to Exchange, there will be an initial degradation in performance in Outlook while their Outlook profile is updated with the policy information. The time that is required to process the data file depends on its size and the speed of the computer. Users should be informed of the performance impact as their mailbox is updated.
Or, you can delete the user’s Outlook profile and create a new profile for that account. When the user starts Outlook, Outlook will download the e-mail messages with the policy information already added. Depending on the size of the account’s mailbox, this might be faster than updating the existing account. However, after you create a new profile with that account, all messages must be indexed again to enable searching in Outlook.
Educating users about Retention Policy
Users should be informed about the following aspects of Retention Policy because it will affect their experience and the ultimate effectiveness of your company’s Retention Policies. For more information, see Assign Retention Policy to E-mail Messages (http://go.microsoft.com/fwlink/p/?LinkId=195157).
Users should check and change, if it is necessary, the Retention Policies on their folders so that messages are not accidentally deleted at the end of the warm-up period.
During the warm-up period, the Retention Policies will not automatically delete messages.
The Default Policy Tag will delete all e-mail messages that are older than the policy length unless the users change the Retention Policy on their folders or individual e-mail messages. The retention length of the Default Policy Tag should be clearly stated.
It is not possible for users to change the folder policy on special folders such as the Inbox, Sent Items, and Deleted Items folders. If there is a policy on the special folders, the policy should be clearly stated.
If users want messages in a special folder to have a different policy, they can manually apply a Personal Tag to those messages.
If a user adds a Personal Tag to an e-mail message, that Personal Tag will take precedence over the folder policy, or the Default Policy Tag.
Retention Policy only applies to e-mail messages. Therefore, all meetings and appointments on their calendars will not be deleted.
Subfolders inherit their parent folder’s Retention Policy.
Retention Policy does not delete messages in Outlook data files (.pst).
Users can apply a Retention Policy to a message by using the Assign Policy gallery in the ribbon.
Users can apply a Retention Policy to folders they have created by using Set Folder Policy in the Assign Policy gallery.
Users can get a list of all messages that will expire within 30 days by selecting View Items Expiring Soon in the Assign Policy gallery.
Users can determine which Retention Policy is being applied to a message by looking under the CC line in the Reading Pane or at the bottom on the reading inspector.
Users under legal hold or investigation
There are two options for legal hold with Outlook 2010 and Exchange Server 2010: Retention Hold and Litigation Hold. Retention Hold makes it obvious to the user that the mailbox has been put on hold. Litigation Hold is silent and does not indicate to the user that the mailbox is under investigation.
The following table summarizes which features are available with Retention Hold and Litigation Hold. The Recoverable Items and Copy on Write features are explained in the following sections.
|Feature||Retention Hold||Litigation Hold|
Retention policies are enforced on the server
Yes. Deletions are captured in a hidden folder in the user’s mailbox so they are not destroyed.
Archive policies are enforced on the server
The Recoverable Items container can empty itself
Copy on Write is turned on
Recover Deleted Items
The Recover Deleted Items folder in Exchange, previously known as the Dumpster, provides a holding area for items that are deleted by the user in Outlook, Microsoft Outlook Web Access (OWA), and other e-mail clients. Users can recover items they have deleted in Outlook and OWA by accessing the Recover Deleted Items folder. For more information, see Recover Deleted Items (http://go.microsoft.com/fwlink/p/?LinkId=195172).
By default, the Recover Deleted Items folder keeps deleted items for 14 days or until the storage quota for the folder is reached. The Recover Deleted Items folder will remove items on a first in, first out (FIFO) basis if the folder storage quota is exceeded. If Litigation Hold for a user’s mailbox is turned on, the Recover Deleted Items folder cannot be purged by using either of these methods. This ensures that the data that was deleted can be searched and recovered. For more information, see Understanding Legal Hold (http://go.microsoft.com/fwlink/p/?LinkId=195174).
Copy on Write
With Exchange Server 2010, you can ensure that all versions of an e-mail message are saved with the Copy on Write feature. This feature will copy the original version of an e-mail message that was modified and store it in a hidden folder named Versions. The properties on an e-mail message that can trigger a copy can be found in Understanding Legal Hold (http://go.microsoft.com/fwlink/p/?LinkId=195174). This functionality is automatically turned on by using Litigation Hold.
Using Retention Hold
If you have a user whose e-mail messages are subject to investigation and should not be deleted, Retention Hold can be turned on for that user’s mailbox. By using Retention Hold, you can display a comment in the Backstage view, which will inform the user of the Retention Hold status. If users have a Personal Archive, they will have to manually move messages to the archive. Retention Hold prevents the server from letting Retention and Archive policies delete or move messages.
While a user’s mailbox is on Retention Hold, that user’s mailbox quota should be increased to let them keep e-mail messages that are relevant to the investigation.
When a user is put on Retention Hold, they should be informed of the following:
Retention Policies and Archive Policies will no longer delete or move messages.
The user can manually move messages to the Personal Archive, if they have one.
Using Litigation Hold
If you have a user who is frequently under legal investigation or is part of many investigations at the same time, Litigation Hold is a way to ensure that all of the user’s e-mail messages are being retained without affecting the e-mail user experience. By using Litigation Hold, Outlook does not inform the user that the user’s mailbox is on hold. This can be useful in an internal investigation.
Because Retention and Archive policies let users delete and move messages, Litigation Hold enables the user to work as if they are not under investigation. The Recover Deleted Items folder captures all deleted items, and the Copy on Write feature captures all versions of e-mail messages. The combination of these features relieves the burden of maintaining information that might be pertinent to a legal investigation. For more information, see Understanding Legal Hold (http://go.microsoft.com/fwlink/p/?LinkId=195174).
Planning a Personal Archive deployment
A Personal Archive can be used to replace Outlook data files (.pst) used to archive e-mail messages in your organization. Also, it can give users additional room for e-mail messages that they must keep for compliance reasons.
As part of planning a Personal Archive deployment, consider the following key steps:
Determine your organization’s archive policies.
Educate users about the Personal Archive.
Manage the Outlook data files (.pst) in your organization.
Determining your archive policies
By default, the following archive policies are created for a user when they are given a Personal Archive:
Default Policy (– 2 years): The default archive policy applies to a user’s entire mailbox. It archives all e-mail messages for which the received date is older than 2 years.
Personal Tags: By default, the following Personal Tags are given to users to apply to their folders and e-mail messages.
Archive policies cannot be applied through Exchange to special folders in the user’s mailbox, such as the Inbox and Sent Items folders. By default, all folders in the user’s mailbox will inherit the Default Policy. But the user can change the policy on any folder or e-mail message by using Personal Tags.
Educating users about the Personal Archive
Users should be informed about the following aspects of the Personal Archive, because it will affect their experience and the way they use the feature. We recommend a warm-up period during which archive policies are set on users’ mailbox folders. This is so that users are not surprised when e-mail messages are moved to the archive overnight.
The Personal Archive cannot be used when the user is offline, or if a connection to the user’s Exchange Server computer cannot be established.
Over a 24-hour window, Exchange Server automatically moves e-mail messages that are ready to be archived. Therefore, users who set an archive policy on a folder will not see an immediate result of this action.
There is no way for the user to archive messages immediately by using Exchange Server. Messages that must be archived immediately must be moved to the archive by the user.
AutoArchive will not be available to the user and will not archive messages. If users have set up AutoArchive to delete or move messages to an Outlook data file (.pst), they must apply the appropriate Retention and Archive policies to achieve the same effect.
Folders that are created in the archive have the same Retention Policy as they did in the mailbox. Similarly, messages in the archive have the same Retention Policy (if one was applied) as they did in the mailbox. Messages with a Retention Policy will expire in the Personal Archive.
Managing Outlook data files (.pst) in your organization
To ensure that your organization’s e-mail is not moved out of the user’s mailbox or your organization’s compliance infrastructure, you can deploy the DisableCrossAccountCopy registry key. This will prevent the user from saving the information to an Outlook data file (.pst), or from copying it to another e-mail account in Outlook. You can deploy this registry key by manually adding it to the user’s registry or by using the Prevent copying or moving items between accounts setting in Group Policy.
This registry key provides more control than the two typically used registry keys DisablePST and PSTDisableGrow in Outlook 2010. Because it prevents users from moving data out of restricted accounts without limiting their .pst use, users are able to use personal e-mail accounts in Outlook that might deliver e-mail messages to a .pst file. They are also able to read messages and copy messages from their existing .pst file. The DisableCrossAccountCopy registry key is recommended to completely replace the need for DisablePST and PSTDisableGrow for these reasons. Optionally, you can also prevent users from copying data out of their synchronized lists in Microsoft SharePoint 2010 Products.
The DisableCrossAccountCopy registry key is located in HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Outlook\.
There are three string values that can be defined for this registry key:
Defines accounts or Outlook data files (.pst) where moving or copying data out of that location is not allowed.
This registry key can be deployed by manually adding it to the user’s registry or by using the Prevent copying or moving items between accounts setting in Group Policy.
Or, you can set the DisableCrossAccountCopy in Group Policy by enabling the Prevent copying or moving items between accounts setting under User Configuration\Administrative Templates\Microsoft Outlook 2010\Account Settings\Exchange.
If your organization has already deployed the DisablePST or PSTDisableGrow registry keys, they will not affect the behavior of the DisableCrossAccountCopy key. If the DisableCrossAccountCopy registry value is configured with Outlook 2010, Outlook ignores the DisablePST and PSTDisableGrow registry keys. In this scenario, you cannot eliminate Outlook data files (.pst) completely. However, no corporate data can be moved to Outlook data files (.pst) when the DisableCrossAccountCopy key is set.
If you have users who do not use Outlook 2010, all three keys can be deployed at the same time. However, for most organizations, the DisablePST and PSTDisableGrow registry keys are unnecessary.
The following is the list of ways that copying or moving e-mail messages out of an account or Outlook data file (.pst) will be restricted:
Users cannot drag-and-drop messages from a restricted account into another account or Outlook data file (.pst).
Users cannot use the Move menu to move or copy messages from a restricted account into another account or Outlook data file (.pst).
When using AutoArchive, all accounts that have been restricted will not have the option to archive data.
In the Mailbox Cleanup menu of the Backstage view, the Archive option will not list restricted accounts as an option for archiving.
Rules will not move messages out of the restricted accounts.
Users will be unable to export messages from restricted accounts.
The Clean Up feature will not delete redundant parts of e-mail conversations in restricted accounts.
To prevent users from moving or copying messages from restricted accounts to their computers, you can deploy the DisableCopyToFileSystem registry key.
The DisableCopyToFileSystem registry key is located in HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Outlook\.
There are three string values that can be defined for this registry key:
Defines accounts or Outlook data files (.pst) where dragging messages to the computer is not allowed.
This registry key can be deployed by manually adding it to the user’s registry.