When someone leaves your company, you might need to preserve their Office 365 data. Email, OneDrive, and SharePoint are straightforward, but what about Teams? As it turns out, a content search or an Office 365 DSR is a good way to retrieve information about Teams messages and information about their activities can be found in the audit log.
Office 365 Administrators have many ways to access user data. It’s important to set up a policy to control and then verify that access. If you don’t, your administrators might be looking into Exchange mailboxes, SharePoint, and OneDrive without oversight. And that would be a bad thing.
Office 365 content searches can find all sorts of information, but they cannot decrypt protected files in SharePoint and OneDrive for Business sites. This prompts the question of how to deal with protected files exported by a search. As it turns out, the combination of a rights management superuser and some PowerShell makes short work of unprotecting files so that they can be read by all.
Office 365 content searches are very powerful at finding content in SharePoint, Exchange, Groups, public folders, and OneDrive. Permissions filters can restrict the ability of eDiscovery managers to see results. With a little PowerShell, you can create effective filters.