Back

How to Create a Custom Office 365 Retention Policy

An Office 365 retention policy helps you manage the email lifecycle and minimize potential legal risks by establishing a maximum timeframe emails are kept. Microsoft routinely updates the default policies for messaging records management. For instance, deleted emails in Off...

2 min read
Published on May 2, 2017
How to Create a Custom Office 365 Retention Policy

An Office 365 retention policy helps you manage the email lifecycle and minimize potential legal risks by establishing a maximum timeframe emails are kept. Microsoft routinely updates the default policies for messaging records management (MRM). For instance, deleted emails in Office 365 were once only recoverable up to 30 days. Microsoft updated its retention policy so all emails are now recoverable, regardless whether users delete them.

However, to better manage emails and stay industry-compliant, you should configure your own custom retention policy in Office 365.

Setting Up an Office 365 Retention Policy

Before getting started, it’s important to note that a mailbox can only have one retention policy assigned to it, and users can still delete emails, even with an Office 365 retention policy in place.

To apply a retention policy to a mailbox, you’ll need to use retention tags. These settings outline the period a message should remain in a mailbox and what happens once that timeframe has passed.

Here’s how to create a custom Office 365 retention policy and assign retention tags:

  1. Browse to Office 365 Admin > Exchange admin center > compliance management > retention policies. create Office 365 retention policy

  2. Select Default MRM Policy, click the edit icon and then change the name of the policy.

Note: Microsoft periodically updates the default policy titled “Default MRM Policy.” By changing the name of the policy, you will be exempt from Microsoft-initiated changes to mail retention.

  1. Next browse to Office 365 Admin > Exchange admin center > compliance management > retention tags.

  2. Create retention tags by clicking the button and selecting the desired scope. Customer Retetention Policy          

  3. After creating desired retention policies, browse back to Office 365 Admin > Exchange admin center > compliance management > retention policies and click the icon.

  4. Specify a name for the new retention policy, choose your newly created tags and click save. naming retention policy Exchange

Have more questions about creating Office 365 retention policies? Let us know your questions in the comments below. For more help managing your Office 365 environment, check out our Office 365 consulting services here, or request a quote:

This post has matured and its content may no longer be relevant beyond historical reference. To see the most current information on a given topic, click on the associated category or tag.

Related Posts

How MSPs, RPOs, and C3PAOs Help Organizations Achieve CMMC Compliance

How MSPs Help Organizations Achieve CMMC Compliance

MSPs, RPOs, and C3PAOs play a crucial role in CMMC compliance. Learn how to choose the right consultant, third-party auditor, or provider to meet CMMC certification requirements.

May 20, 2025
8 min read
CMMC Compliance Requirements for Level 1 Level 2 and Level 3

CMMC Compliance Requirements for Level 1 Level 2 and Level 3

CMMC certification requires different cybersecurity controls at each level. Learn the key requirements for Level 1, Level 2, and Level 3 compliance and how they align with NIST 800-171.

May 16, 2025
5 min read
Common Questions About Azure Migration Answered

Common Questions About Azure Migration Answered

Get answers to the most common Azure migration questions. Learn about costs, best practices, security, compliance, and troubleshooting cloud migration challenges.

Apr 29, 2025
3 min read
AVD vs W365 in GCC high reducing your CMMC scope

AVD vs W365 in GCC High Reducing Your CMMC Scope and Simplifying Compliance

Comparing AVD vs W365 for GCC High? Learn how each can reduce your CMMC assessment scope and simplify security and compliance management in government environments.

Apr 28, 2025
7 min read
Office 365 License Comparison: Business Plans Vs. E5, E3 and E1

Implementing Cybersecurity Policies for CMMC Compliance and Managing CUI

CMMC compliance requires well-documented cybersecurity policies. Learn how to implement security controls, create an SSP and POA&M, and manage Controlled Unclassified Information (CUI).

Apr 25, 2025
7 min read
CMMC compliance for DoD contractors

CMMC Compliance Requirements for DoD Contractors and Subcontractors in the Defense Industry

CMMC compliance is mandatory for DoD contractors and subcontractors. Learn about certification levels, requirements, and the consequences of failing to meet compliance.

Apr 24, 2025
6 min read

Ready to Secure and Defend Your Data
So Your Business Can Thrive?

Fill out the form to see how we can protect your data and help your business grow.

Loading...
Secure. Defend. Thrive.

Let's start a conversation

Discover more about Agile IT's range of services by reaching out.

Don't want to wait for us to get back to you?

Schedule a Free Consultation

Location

Agile IT Headquarters
4660 La Jolla Village Drive #100
San Diego, CA 92122

Secure. Defend. Thrive.

Don't want to wait for us to get back to you?

Discover more about Agile IT's range of services by reaching out

Schedule a Free Consultation