Comprehensive Guide to Managing Litigation Hold in Office 365
In this post, we explain what Office 365 Litigation Hold is, how you can enable it, and the best practices for using it. Up to 53% of SMBs face legal action every year, and around 90% of organizations face a lawsuit at some point in their existence. Combined with over two million organizations worldwide that use Microsoft 365, these numbers justify the need for Litigation Hold functionality. Let’s look at how to enhance litigation hold management and overall data protection in your organization for Office 365 data.
What Is a Litigation Hold in Office 365?
Litigation Hold, also known as Microsoft 365 Legal Hold, is a functionality in Office 365 that allows organizations to preserve the data items in mailboxes for a specified period of time. This functionality is used by organizations for e-discovery in legal cases.
Note that once set, a legal hold has priority over automatic deletion settings and custom retention policies. Employees can’t delete data items such as OneDrive files, Teams communication messages, or Outlook emails.
Throughout the litigation hold period, administrators can find the protected data via Core eDiscovery. Users can still use the functionality of mailboxes, that is, sending and receiving new emails. However, all mailbox content, including deleted items and any original versions that were later modified, as well as archive mailboxes (if enabled), are on hold and protected. You can configure the litigation hold period based on your organization’s needs and legal requirements.
Note that Office 365 Litigation Hold is not a backup feature, and you shouldn’t treat it as such. One reason is that Litigation Hold functionalities rely on Microsoft 365 infrastructure, which means that you can’t reach the data in case a disruption occurs on the service’s side. Another reason is the lack of flexible retention settings to allow point-in-time restores, independent copies of data, and reliable tools to prevent retention gaps.
Office 365 Litigation Hold vs Retention Policy
Office 365 litigation holds are designed to help organizations with the timely provision of data requested during legal proceedings. On the other hand, Microsoft 365 retention policies are data governance rules that allow administrators to organize data retention and deletion proactively. A retention policy is part of an organization’s general data governance strategy that can be applied to various types of data, including mailboxes, Teams conversations, OneDrive, and SharePoint items.
Organizations configure retention policies based on internal needs. You can use specific policies for particular repositories and data items that you need to keep, delete, or keep and then delete.
How to Enable Litigation Hold in Office 365
To place a mailbox on Litigation Hold in the Microsoft 365 admin center, do the following:
- In the Microsoft 365 admin center, go to Users > Active users.
- Select the user that you need to set the litigation hold for.
- On the properties page, find the Mail tab. Then, go to More actions > Manage litigation hold.
- Select the Turn on litigation hold checkbox. After that, provide the following information (optional):
- Hold duration (days): You can set the period in days for the Litigation Hold to be active. The starting date is set from the day a mailbox item is received or created. The system freezes the item and keeps it unchanged until the specified litigation period expires. You can leave this field empty to set an indefinite period for the hold. In this case, items remain frozen until you manually remove the Litigation Hold.
- Note visible to the user: This field enables you to inform the mailbox user about the applied Litigation Hold. In Outlook 2010 and later, the note shows up on the Account Information page in the mailbox.
- Web page with more information for the user: In this field, you can add the link to lead the user to the page with additional Litigation Hold information. In Outlook 2010 and later, the URL shows up on the Account Information page.
- Select Save changes on the Litigation Hold page.
After creating a Litigation Hold in Office 365 for a user, a notification appears informing you that the changes might require up to 240 minutes to take effect.
Common Office 365 Litigation Hold Challenges
Challenges related to litigation holds in Office 365 arise for organizations that have to comply with strict legal requirements, protocols, and laws. The more sensitive the data (personal, finance, medical, etc.), the more challenging it is for organizations to maintain the security, availability, and integrity of that data.
One of the issues around using Litigation Hold in Office 365 as a data management tool is the limited set of capabilities even for fundamental data management approaches compared to more advanced tools available from other vendors. This becomes even more critical if we consider the shared responsibility model and the need for third-party backup to protect Microsoft 365 data.
Another challenge is Microsoft Office 365 Litigation Hold implementation by non-technical employees. A person not experienced in interacting with this specific functionality may be unable to operate the data properly. Such cases require assistance from IT departments to implement, process, or lift Litigation Hold restrictions.
Additionally, administrating mailboxes on hold is possible only via the Exchange Administration Center or a command line interface. Both tools require special IT qualifications from a user for maximum efficiency.
Lastly, the Litigation Hold feature starts saving the data only after activation. In case the user deletes the data without the legal hold function activated, the deleted record cannot be restored. This is another reason to avoid relying on Microsoft 365 Litigation Hold backup and recovery.
Legal Hold Best Practices in Microsoft 365
The following recommendations can help you use the legal hold functionality in Microsoft 365 more efficiently.
Know where the data resides
To put the data on hold right after receiving a legal action notification, you need to know the data location. Consider creating a map that displays which repository contains which data. Such visualization enables you to quickly find the required records and apply hold settings to them to avoid unwanted deletion.
Create clear roles
In data governance, a custodian is the person who owns and carries the responsibility for the data that an organization needs to preserve. Inform appropriate employees in advance that they are sensitive data custodians. Then, ensure that they know which data to protect and how to turn on Litigation Hold in Office 365 when required.
Also, you can have a person responsible for Litigation Hold cases in general and instruct other employees about who to contact when questions regarding the procedure and data arise.
Consult with IT experts early
Consider consulting with your IT experts before you plan and apply certain Microsoft Office 365 Litigation Hold workflows. Managing legal hold data requires the knowledge of the command line interface or Exchange Administration Center, meaning that the IT department is involved in any case. You can avoid additional non-compliance risks by ensuring that your IT experts are familiar with the appropriate Microsoft functionality and the specifics of litigation holds.
Implement repeatable workflows
Based on the instructions, data outlines, and IT expertise, you can develop Litigation Hold workflows that your employees can follow. Describe what to do after the legal hold request is received, how to maintain records during the process, and how to correctly release the hold. This ensures fast reaction to legal issues, critical data availability throughout the required period, and swift failback to normal retention policies once the hold period is over. Additionally, you can use the repeatable workflows for efficient employee training.
Release holds on time
After a process that triggered a Litigation Hold is finished, you can lift the hold and restore regular data retention. For example, the Recoverable Items folder retains any items deleted by the user during the legal hold period and those items cannot be purged. This folder has a default 110 GB limit per mailbox after you enable the hold. Though the limit can be increased, you do not want to keep deleted data for any longer than is strictly needed to fulfill legal requirements.
Create data backups
As mentioned above, Microsoft Office 365 Litigation Hold is not a backup feature but rather a functionality that helps organizations keep the SaaS data available and ensure legal compliance. However, in such cases, data availability is connected to Microsoft 365 access and timely activation of the hold, among other factors. You can lose the critical data and face sanctions, for example, in case you enable a Litigation Hold later than required. Possible issues at the Microsoft service level can also create additional risks.
To prevent data loss and avoid unwanted financial and reputational consequences, consider implementing a dedicated Microsoft 365 backup solution. NAKIVO Backup & Replication for Microsoft 365 is a reliable solution that enables you to back up data in Exchange Online, Microsoft Teams, OneDrive for Business, and SharePoint Online. The NAKIVO solution also enables instant granular recoveries of Microsoft 365 data items directly from backups. You can easily find and restore the required data to the original or custom location to satisfy e-discovery requests and ensure compliance.
