Retention Policies, Labels, and Label Policies

Retention Policies, Labels, and Label Policies – A Complete Guide for SC-900

Why Are Retention Policies, Labels, and Label Policies Important?

Organizations today are subject to a wide range of regulatory, legal, and business requirements that dictate how long data must be kept and when it should be deleted. Failure to comply can result in heavy fines, legal penalties, and reputational damage. Microsoft 365 provides a powerful framework through retention policies, retention labels, and label policies to help organizations manage the lifecycle of their content in a consistent, automated, and auditable way.

For the SC-900 exam, understanding these concepts is essential because they fall under the Describe the capabilities of Microsoft compliance solutions domain, which makes up a significant portion of the exam.

---

What Are Retention Policies?

A retention policy is a broad, location-level rule that determines how long content is kept (retained) and whether it should be deleted after a specified period. Retention policies are applied at the workload level, meaning you assign them to entire locations such as:

• Exchange Online mailboxes
• SharePoint Online sites
• OneDrive accounts
• Microsoft 365 Groups
• Teams channel messages
• Teams chats
• Yammer community messages
• Yammer user messages

Key characteristics of retention policies:
- They apply broadly to all content within the selected locations.
- They can be configured to retain content, delete content, or retain and then delete content.
- They work silently in the background — users typically do not see or interact with them.
- Multiple retention policies can apply to the same content, and principles of retention determine which policy wins.

---

What Are Retention Labels?

A retention label is a more granular tool that is applied at the item level — to individual documents, emails, or other content items. Unlike retention policies that blanket entire locations, retention labels allow you to classify and manage specific items differently, even if they reside in the same location.

Key characteristics of retention labels:
- They are applied to individual items (a single email, document, etc.).
- They can be applied manually by users, automatically based on conditions (such as sensitive information types or keywords), or through trainable classifiers.
- Only one retention label can be applied to an item at a time.
- Retention labels can mark items as records or regulatory records, which prevents them from being edited or deleted.
- Retention labels travel with the content — if a document is moved within Microsoft 365, the label and its settings move with it.
- Retention labels support disposition review, allowing designated reviewers to decide what happens to content at the end of its retention period.

Records Management:
When a retention label marks content as a record, additional restrictions are enforced:
- The item cannot be permanently deleted.
- The item cannot be relabeled.
- The retention period cannot be shortened.
- A regulatory record is even more restrictive — the label itself cannot be removed.

---

What Are Label Policies?

Once retention labels are created, they do not automatically appear for users or get applied to content. You need a label policy to publish or apply them.

There are two ways to deploy retention labels:

1. Retention Label Policies (Publishing Labels):
- Label policies publish retention labels to specific locations (Exchange, SharePoint, OneDrive, Microsoft 365 Groups).
- Once published, the labels become available for users to manually apply to their content.
- Administrators can also set a default label that is automatically applied to all new content in a location (e.g., all new documents in a SharePoint library get a default retention label).
- It can take up to 7 days for published labels to appear for end users.

2. Auto-Apply Label Policies:
- These policies automatically apply retention labels to content that matches specific conditions.
- Conditions can include: sensitive information types (e.g., credit card numbers), specific keywords or searchable properties, or trainable classifiers.
- Auto-apply policies are powerful because they remove the dependency on users to correctly classify content.

---

How Does Retention Work? The Principles of Retention

When multiple retention settings apply to the same content, Microsoft 365 uses the principles of retention to determine the outcome. These principles are critical for the exam:

1. Retention wins over deletion. If one policy says retain and another says delete, the content is retained.

2. The longest retention period wins. If multiple policies specify different retention durations, the longest period applies.

3. Explicit inclusion wins over implicit inclusion. A policy that explicitly includes a specific location takes precedence over one that includes it as part of a broader selection.

4. The shortest deletion period wins. If after all retention periods have been satisfied and multiple deletion rules apply, the shortest deletion period wins and the content is deleted at the earliest possible time.

---

How Retention Policies and Retention Labels Work Together

It is important to understand that retention policies and retention labels are not mutually exclusive. They can coexist:

- A retention policy might apply a 5-year retention to an entire SharePoint site.
- A retention label might be applied to a specific document on that site requiring 7-year retention.
- The principles of retention apply: the document would be retained for 7 years (longest retention wins).

Retention labels always take precedence over retention policies when considering the same item, because labels represent an explicit classification of that specific item.

---

Where Does Retained Content Go?

Content subject to retention is not necessarily moved or copied immediately. Microsoft 365 uses hidden, system-managed locations to preserve content when needed:

- Exchange Online: The Recoverable Items folder holds retained content.
- SharePoint and OneDrive: The Preservation Hold Library stores copies of content that users modify or delete while under retention.
- Content remains in place and accessible to users until it is modified or deleted, at which point the preserved copy is stored in these hidden locations.

---

Exam Tips: Answering Questions on Retention Policies, Labels, and Label Policies

Tip 1: Know the Scope Difference
Retention policies = broad, location-level. Retention labels = granular, item-level. If a question asks about applying retention to an entire mailbox or site, the answer is a retention policy. If it asks about classifying a specific document or email, the answer is a retention label.

Tip 2: Remember the Principles of Retention
The SC-900 exam commonly tests whether you understand what happens when multiple policies or labels conflict. Remember: retention wins over deletion, and the longest retention period wins. These two rules are tested most frequently.

Tip 3: Understand Records vs. Regular Retention
If a question mentions that content must be immutable or cannot be edited or deleted, the answer involves marking the content as a record using a retention label. Retention policies alone cannot mark content as a record.

Tip 4: Labels Need to Be Published
A common trick question involves asking why users cannot see retention labels. Remember: retention labels must be published via a label policy before users can apply them. Also recall that it can take up to 7 days for published labels to appear.

Tip 5: Auto-Apply vs. Manual Apply
If a question describes a scenario where content must be classified without user intervention, the answer is an auto-apply label policy. If users should choose the label themselves, it is a published label policy.

Tip 6: One Label Per Item
Remember that only one retention label can be applied to a content item at any time. However, multiple retention policies can apply to the same content simultaneously.

Tip 7: Know Where Retained Content Lives
If the exam asks about where retained or preserved content is stored, remember: Recoverable Items folder for Exchange and Preservation Hold Library for SharePoint/OneDrive.

Tip 8: Disposition Review
Only retention labels (not retention policies) support disposition review at the end of the retention period. If a question asks about reviewing content before final deletion, retention labels are the answer.

Tip 9: Regulatory Records Are the Most Restrictive
If a question involves the strictest form of immutability where even administrators cannot remove the label, the answer is regulatory record.

Tip 10: Focus on the Microsoft Purview Compliance Portal
Retention policies, retention labels, and label policies are all configured in the Microsoft Purview compliance portal (formerly the Microsoft 365 compliance center). Know this for questions about where these settings are managed.

---

Summary Table for Quick Review

Feature | Retention Policy | Retention Label
Scope | Location-level (broad) | Item-level (granular)
Applied to | Entire workloads (mailboxes, sites) | Individual documents, emails
User interaction | Silent, no user involvement | Can be applied manually by users or auto-applied
Number per item | Multiple policies can apply | Only one label per item
Records management | No | Yes (can mark as record or regulatory record)
Disposition review | No | Yes
Published via | Directly assigned to locations | Label policy (publish or auto-apply)

---

Final Thought: For the SC-900 exam, focus on understanding when to use a retention policy versus a retention label, how the principles of retention resolve conflicts, and the role of label policies in making labels available. These are the areas most frequently tested, and a solid understanding of these concepts will help you confidently answer related questions.