Microsoft Purview compliance portal: Data Lifecycle Management - Introduction of secure workflow to bypass legal holds and retention policies

🚨 The Signal: Purview now allows a secure workflow to bypass legal holds and retention policies for Exchange data. This introduces a controlled method for priority cleanup, requiring specific roles, multiple approvals, and full audit trails, impacting data lifecycle management and compliance.

The Impact

Security teams and compliance officers are affected by new capabilities to bypass data retention, creating a risk of unauthorized data deletion if not properly governed.

• Security Teams: Risk of data loss if approval workflows are not robust.
• Compliance Officers: Need to review and update data retention policies.
• Legal Teams: New process for managing exceptions to legal holds.
• IT Administrators: New security role and workflow to manage.

The Action

1. Review existing data retention policies and legal hold procedures.
2. Define clear criteria for 'Priority cleanup' exceptions.
3. Establish a dedicated security role for Priority cleanup operations.
4. Configure multi-approver workflows for all bypass requests.
5. Monitor audit logs for all Priority cleanup activities.

Domain: Purview · Impact: high · Workload: Microsoft Purview · Essential Eight: Restrict Administrative Privileges · ISM: ISM-0445, ISM-1175, ISM-1380, ISM-1507, ISM-1508, ISM-1509, ISM-1647, ISM-1648, ISM-1650, ISM-1686, ISM-1688, ISM-1689, ISM-1883, ISM-1897, ISM-1898