External guest access and external sharing in Microsoft 365

This post was initiated by a question from a client about the difference and/or relationship between: External guest access to a Team (and its various linked resources), a Microsoft 365 Group (and its various linked resources), or a SharePoint site. External sharing from SharePoint/OneDrive, including from Teams. The specific question was 'where can you restrict … Continue reading External guest access and external sharing in Microsoft 365 →

Shared mailboxes vs Microsoft 365 Group shared mailboxes

Shared mailboxes have been a common feature in Microsoft Exchange for a long time and continue to be a standard feature in Exchange Online. According to the Microsoft learn page About Shared Mailboxes (accessed 28 January 2024), 'Shared mailboxes are used when multiple people need access to the same mailbox, such as a company information … Continue reading Shared mailboxes vs Microsoft 365 Group shared mailboxes →

Analogue analogies for managing records in SharePoint Online

This post describes analogies from the world of managing physical records, to help guide approaches to manage digital records in SharePoint. It also notes why these analogies may be useful for specific high value, vital and long-term records. Archive boxes and files Archive boxes (example above) are typically used to store and manage over time: … Continue reading Analogue analogies for managing records in SharePoint Online →

Disposition of records in Microsoft 365

Records are defined in the international standard for records management, ISO 15489-1:2016 as: 'evidence of business activity and information assets'. The standard adds that: 'Any set of information, regardless of its structure or form, can be managed as a record. This includes information in the form of a document, a collection of data or other … Continue reading Disposition of records in Microsoft 365 →

Using predictive coding in Microsoft 365 to find records

In November 2012, I published a post titled 'Can predictive coding be used to classify records'. My post referred to an October 2011 article by (now retired) Judge Andrew Peck, at the time a judge for the Southern District of New York. Peck's article was titled ‘Search, Forward: Will manual document review and keyword searches … Continue reading Using predictive coding in Microsoft 365 to find records →

The complex world of external sharing and access in Microsoft 365

(Updated 17 March 2023 with further details about Microsoft Entra settings and B2B Direct connect, see below). By default, external sharing and access is (mostly) enabled by default in Microsoft 365. Unless the settings have been changed in the various locations described below, end users can usually: Click the 'share' icon next to a folder … Continue reading The complex world of external sharing and access in Microsoft 365 →

Why records managers and IT need to understand Microsoft 365 groups better

Office (later Microsoft) 365 (M365) Groups were introduced to Office 365 in 2014. Although Microsoft Teams was introduced in March 2017, there has been a general lack of understanding about the relationship between Teams and M365 Groups on the part of both records managers and IT. This post explains what both records managers and IT … Continue reading Why records managers and IT need to understand Microsoft 365 groups better →

What is stored in an Exchange Online mailbox?

Email mailboxes have long been the primary repository for work-related emails (and attachments) and calendaring information. Some of these emails may have been copied to electronic document and records management (EDRM) systems or saved to network drives. Very often some form of mailbox archiving was introduced to help reduce storage by moving inactive content to … Continue reading What is stored in an Exchange Online mailbox? →

Delete or do nothing – retention policy outcomes on Exchange Online mailboxes and OneDrive accounts

Microsoft 365 Exchange Online (EXO) mailboxes and OneDrives assigned to individual end users have one thing in common - they may contain the only copy of corporate records (and other content) that cannot be easily accessed or managed as records. Organisational efforts to encourage end users to save emails (and other potential records) to a … Continue reading Delete or do nothing – retention policy outcomes on Exchange Online mailboxes and OneDrive accounts →

Audit trails for records in SharePoint Online

As evidence of business activities, records should be authoritative. According to ISO 15489:2016, the characteristics that define authoritative records are authenticity, reliability, integrity and usability. These characteristics may be met by either: Securing or locking a record to prevent unauthorised changes ('declaring a record'). Recording the details of any events - the 'event history' - … Continue reading Audit trails for records in SharePoint Online →