
eDiscovery for Microsoft 365

This video tutorial walks you through eDiscovery in SpinOne for Microsoft 365. Learn how to create investigation cases, perform granular searches across Exchange Online and OneDrive, and apply legal holds to preserve sensitive data. Ideal for IT administrators and security teams managing compliance and internal investigations.

Transcription

Welcome to SpinOne for Microsoft 365, your all-in-one SaaS security platform.

Today, we will be discussing eDiscovery, SpinBackups, granular searching, and legal hold solution.

To get started, select eDiscovery in the left-hand toolbar beneath backup.

Upon selection, you will be greeted with your case menu, showing all of your existing cases.

Select a case to gather more information around its expiration, the creator of the case, as well as the case owner, or owners.

Within a case, we can perform functionality, such as legal holds and searches.

Within searches, you can see your previously run searches, as well as the results of the searches themselves.

Selecting records found enables you to select the data that was detected by the search and determine whether you want to restore this data or download it to your local device.

As a reminder of your search criteria, select Search Criteria.

When performing searches, it’s important to determine the service within Microsoft 365, such as Exchange Online, emails including attachments, or OneDrive and documents library.

For today, we’ll say Exchange Online.

Next, determine the scope for the search, the entities that will be scanned for this specific data.

We can determine and say, apply this search to all users, specific security groups, specific users, and even specific shared mailboxes.

Upon completion of our scope, select parameters to get started with your search criteria. We can say something along the lines of, “Look for data sent ‘From’ a specific email address ‘To’ a specific email address ‘Containing’ a specific subject that also contains specific data found in the body of the email.”

Once the search is completed, you will be able to see the results of the search under records found.

Now that data has been detected, let’s protect that data with a legal hold.

Within holds, you can see your existing holds, as well as those that have already expired.

To launch a new hold, simply select new hold.

Once again, similarly to searches, determine your service type, such as Exchange Online or OneDrive and documents library.

For your scope, once again, determine whether it’s going to be all of your users, specific security groups, users, or shared mailboxes.

When it comes to the retention of your hold, we can have it be indefinite, lasting as long as the case itself.

More granularity could be to launch a fixed hold, specifying a handful of days or weeks for this hold to remain active.

This is eDiscovery. 
