Configuring Retention Policies

Retention policies follow the same workflow as other policies, with specific configurations related to retention periods and data lifecycle actions.

Step 1: Create a Retention Policy

1. Navigate to Playbooks > Policies > Create New Rule Set.
2. Select "Data Lifecycle: Retention" as the policy type.
3. Enter a Rule Set Name and optional Rule Set Description to define the purpose of the policy.

1. Select the Time Attribute: Choose the condition that determines when the object qualifies for retention actions:

• Last Modified Time: Applies the policy based on the most recent time the object was edited or updated.

• Created At Time: Applies the policy based on the time the object was first created.

1. Set the Retention Threshold: Define how old the object must be before it qualifies for action. Use the greater than condition and specify a value in hours, days, months, or years.

• Example: i) Retain objects with a Last Modified Time greater than 7 years. ii) Retain objects Created at a time greater than 4 months.

Specify the Retention Action:

• Delete: Permanently remove the object after the retention threshold is met.

• Archive: Move the object to a designated archival location for long-term storage.

1. Define Retention Conditions Retention policies require criteria to determine which objects qualify for retention actions.

• Condition Type: Select from the following:

  • Document Classification: Target specific categories (e.g., Financial, Legal).

  • Attribute Type or Sensitivity: Define rules based on data attributes.

  • Labels: Use pre-defined labels for categorization.

• Logical Operators: Combine conditions using AND or OR operators to define how multiple criteria interact.

• Example: Apply the rule to objects classified as "Legal" OR labeled as "Sensitive."

Step 3: Assign Data Sources

In this step, users define which data sources should be monitored by the policy. The interface allows selecting specific data sources, along with tailored options for configuring their scan conditions.

Steps for Selecting and Configuring Data Sources

1. Select All or Specific Data Sources:

   • To apply the policy universally, check the Select all data sources option. This ensures all current and future data sources are monitored.

   • To target specific sources, uncheck this option and manually select individual data sources.

2. Configure Scan Conditions:

   • Each data source provides tailored scan condition options based on its type. Click on the corresponding Select link (e.g., "Select members/groups," "Select drives," or "Select sites") to configure these conditions.

Data Source-Specific Configurations

1. Gmail:

   • Scan Condition: Select specific members/groups to monitor emails.

   • How to Configure:

     • Click Select members/groups next to the Gmail data source.

     • Add members or groups to the inclusion or exclusion list to refine the scope of scanning.

2. Google Drive:

   • Scan Condition: Select specific drives for scanning.

   • How to Configure:

     • Click Select drives next to Google Drive.

     • Add specific drives to include or exclude in the scanning policy.

3. OneDrive:

   • Scan Condition: Similar to Google Drive, select specific drives for scanning.

   • How to Configure:

     • Click Select drives next to OneDrive.

     • Specify drives for inclusion or exclusion.

4. Outlook:

   • Scan Condition: Choose members/groups to target email inboxes.

   • How to Configure:

     • Click Select members/groups next to the Outlook data source.

     • Add individual users or groups to monitor.

5. SharePoint:

   • Scan Condition: Select specific sites to include or exclude.

   • How to Configure:

     • Click Select sites next to SharePoint.

     • Choose between Scan All Sites or Scan Selected Sites:

       • Scan All Sites: Add exclusions for sites that should not be scanned.

       • Scan Selected Sites: Add inclusions for specific sites to target.

     • Confirm the selection by clicking Save.

Example Scenario: You want to configure a policy that monitors Gmail and SharePoint, targeting only specific groups and sites:

1. Gmail: Click Select members/groups and add HR and Finance groups.

2. SharePoint: Click Select sites and choose Scan Selected Sites. Add site names like "ProjectDocs" and "HRShare" to the inclusion list.

3. Save your selections and proceed to the next step.

Step 4: Configure Alerts and Notifications

1. Set up alerts to notify data owners when retention actions are triggered.

2. Assign alerts to:

   • Datasource Owners: Default recipients responsible for reviewing retention enforcement.

   • Object Owners: Users assigned to specific files or records.

3. Choose an Alert Severity Level (e.g., Low, High, Critical) based on data sensitivity. You can also add more member email id's under Alert Notification and Select Regulations such as GDPR, HIPAA, etc. under which the policy is created. 4. Click on Next.

Step 5: Automate Retention Actions (Optional)

Click on Save & Close to save the created Retention policy.

Example Scenario: A financial services firm needs to retain tax documents for 7 years and then archive them for compliance.

Configuration:

1. Policy Type: Retention.

2. Retention Condition: Last Modified Time > 7 Years.

3. Data Sources: SharePoint (Finance Team Sites).

4. Retention Action: Archive to the "Regulatory Records" folder.

5. Alert: Notify the Compliance Team with High Severity.

Key Notes

• Retention policies do not override user permissions—files remain accessible until deleted or archived.

• Automated deletion is permanent unless archived as an alternative action.

• Data sources not listed under supported retention policies cannot be selected for retention enforcement.