Jumbo2010 - Fotolia


SharePoint 2016 expands e-discovery capabilities

Microsoft is targeting compliance pain points with SharePoint2016, promising improved e-discovery software for hybrid and unstructured data.

With a new version of SharePoint due out in beta this year, let's consider some of its nuts-and-bolts content management...

features, such as SharePoint E-discovery. While the collaboration platform has always made compliance a key capability, it is going to take things further in SharePoint 2016.

Over the past several years, companies have struggled with their content management systems in terms of ensuring compliance with industry and other regulations. They need to ensure that data is accessible in the event of a lawsuit, searchable and also destroyed after its legal requirement for accessibility elapses. Companies withhybrid deployments of SharePoint have been particularly hamstrung, in that they haven't been able to easily search on-premises and cloud-based content that might be relevant to a legal inquiry.

SharePoint 2016 aims to ease e-discovery and compliance capabilities by making the features accessible in various Microsoft applications, including Exchange, Lync and file shares. Improved hybrid search means it should no longer be an issue if content resides on premises or in the cloud through Office 365.

SharePoint e-discovery capabilities are being enhanced in a number of different ways. One example: Because of a change in the way that SharePoint's indexes work, it will soon be possible to perform e-discovery queries in real time. Previously, it would take days or even weeks to get the results.

New tool for unstructured data

Without a doubt, the most significant new capability is Zoom. Acquired by Microsoft earlier this year, Equivio Zoom technology will provide new tools for SharePoint 2016 and Exchange 2016 to analyze e-discovery data to both.

The idea behind Zoom is simple. Unstructured data is difficult to search. The Zoom feature works to eliminate unnecessary data and convert unstructured data into structured data. The process begins when someone within an organization places data on legal hold, or sets it aside, so that it can be searched for information relevant to a legal case.

Previously, the next step would have been to use keyword searches and other ad hoc search techniques to locate relevant data. Zoom improves this process by using thematic analysis and predictive coding to locate relevant data and to eliminate data that is irrelevant or redundant (such as repetitive e-mail messages from a single conversation thread). The results are then grouped into a structured format for review. Microsoft explains Zoom and introduces other e-discovery features in this presentation.

Data loss prevention

Data loss prevention (DLP) should be significantly improved in SharePoint 2016 as well. Microsoft has adopted a roadmap for DLP in SharePoint and OneDrive for Business in which it has described a three-phase approach to DLP. Phase one involves detecting sensitive content. Phase two involves preventing accidental disclosure of sensitive information while also protecting data and educating users. Phase three is all about customization for content types and policy management across workloads.

DLP was first introduced in Exchange Server and Outlook (and was later made available in Outlook Web App). The basic idea was that Exchange would analyze outbound e-mail messages to detect sensitive content. When sensitive content was detected, Outlook or the Outlook Web App would display a policy tip to inform users of the violation.

Although Exchange Server based DLP works well, users don't share data exclusively through Exchange Server. As such, Microsoft is extending DLP to SharePoint Online and OneDrive for Business. This functionality will be exposed through the Office 365 compliance center. Microsoft has not yet announced whether DLP will be a part of SharePoint 2016.

The SharePoint DLP feature will be based on the use of classification IDs, which are a mechanism for defining specific types of data, such as a credit card number or a Social Security number. There will be 51 different classification IDs included by default.

Phase two of Microsoft's DLP effort will be available for public preview in the second half of 2015. As a part of that preview, Office 365 customers can create automated policies that are designed to take action based on any of the classification IDs. Furthermore, it will be possible to block or to restrict access to sensitive information, even if that information is being shared externally.

As previously mentioned, Outlook informs users of policy violations through policy tips. In Microsoft Office 2016, policy tips are being added to Word, Excel and PowerPoint. These applications will be able to display policy tips whenever a user attempts a policy violation.

Incidentally, the previously mentioned phase two public preview will allow administrators to customize policy tips to meet the organization's needs. The administrator will also have access to an incident reporting mechanism.


SharePoint 2016 will feature various changes to its e-discovery and DLP capabilities that should make it easier for users to ensure compliance with policies and better enable searching of content in the event of a legal hold or proceeding.

These improvements are important, as Microsoft has carved out several basic content management functions from traditional SharePoint and made them part of Office 365 applications. These core compliance and records management capabilities may help SharePoint continue to have a clear function for compliance-conscious companies, particularly those that have struggled with on-premises and cloud-based content. Time will tell how easy these features are to use, but Microsoft continues to carve out a clear records management function for SharePoint with the SharePoint 2016 release.

Next Steps

SharePoint users wrestle with usability issues

Taking the pain out of SharePoint migration

SharePoint in the cloud isn't a zero-sum game

Dig Deeper on Enterprise SharePoint strategy