Governance and compliance in Office365 is more relevant than ever and Microsoft has a few tools in the toolbox that helps companies get compliant when it comes to documents in SharePoint Online, Teams, OneDrive for Business and Exchange Online. While GDPR shone a light on a lot of issues, it should always be relevant for a company to know where data resides and prevent sharing with un-authorized persons.
I have been looking into these tools a lot lately and in this first article I will describe a specific approach with automatic labelling of documents in a SharePoint site. For this we need to create a label, publish the label and enable the automatic labelling in the site. In the next part we will cover how to use that label to warn users about sharing documents with the labels.
First we need to create a label. For this we go to Microsofts new Compliance center | Select Information Governance | Under Labels press the link to Create a label
This will bring up the label creator site where we must give the label a Name, admin description and a Description for users – the user will be able to see the name and the user description, so pay attention to not make it too technical.
Under label settings we can enable retention for governance, if the label is to be used only for DLP (data loss prevention) this is not necessary.
When retention is ON the following appears:
On the left we have the settings for Retain the contents – where we can choose how long, what to do when it reaches the end and from where to count.
On the right we have the settings for Content deletion – and again we can choose for how long the contents should be kept and from when to count.
After a review the label is created.
Labels that are created needs to published for users to see and use them. To do this press Publish Labels in the top.
This will bring up the below press Choose labels to publish and select the label
For this test we publish to all location, but you could create labels for specific SharePoint site, Personal OneDrive, Teams and so on.
Name the policy (Publishing labels is done by creating policies that can be edited later if more labels should be published to the same locations)
After that a review appears, please note the limitations. Created labels does not appear immediately. (In my experience sync fluctuates a bit, but 1 day is rare)
With the new label in place we can go to our SharePoint site and select the library we want to attach the label to. Off course this requires permissions to do so.
Go to the site and select Documents (or the library you want to use)
Go to Settings by pressing the Gear in the Top right of the page
From the drop-down select Library settings
Select Apply label to items in this list or library
Select the label from the drop down, choose if it should be added to existing documents in the library and press save
That´s it, now this label is attached to any documents created in the library.
So we created a label and attached it to a library in SharePoint Online but nothing more. What it will do is that it will delete any documents that have it attached after 1 year. But if you paid attention to the naming I really meant to be using it for prevention of sharing also. This is done by creating a Data Loss Prevention Policy and add the label to that. This will be covered in the next part.