Prevent users from bypassing in-place hold for OneDrive for Business
In Place Holds in SharePoint Online use the search function to identify items that are on hold. Users have the possibility to disable search for their OneDrive for Business:
Select Site Settings -> Site Libraries and Lists, then select the Documents Library, select Advanced Settings, set Allow items from this document library to appear in search results = No
Testing shows that disabling search bypasses litigation hold allowing users to delete items without preservation.
Users should not be able to bypass in-place holds. A possible solution would be to prevent users from disabling search when their OneDrive is placed on hold. Ideally in-place hold would provide a more robust mechanism to ensure deleted / modified items are preserved that doesn't rely on search.
This doesn't apply to me, but I voted for it because this clearly an extremely critical bug was reported over a year ago. Is this fixed yet?
In place holds are generally used for federal, state, or internal regulatory or legal requirements. Essentially, this is the truly critical data that cannot be lost no matter what the cost, and this apparent bug has been reported here for over a year.
Whatever team monitors uservoice needs to immediately forward this over to the appropriate department within Microsoft to resolve this and/or confirm resolution. As it stands, this bug entirely negates any data retention or compliance policies guaranteed by Microsoft through its product statements and SLAs.
Consider this, MS rep that will be reading this: how does Microsoft itself remain in compliance with its own regulatory requirements given that it is likely using its own products with this data retention issue? How about the government agencies, institutions, and other legal entities that use your product? This makes it impossible for anyone using your service to remain in compliance with the law. This level of exposure this subjects an entity to is astounding. Sort of like "hey, we were going to comply with this subpoena or FOIA request, but Joe the warehouse guy decided to just magnetize the hard drive instead" kind of exposure.
I agree with Douglas Plumley on the avenue, but this issue is not some minor display bug or feature request; this is the kind of critical bug that when reported via any avenue needs to be rectified right away.
David Peet was nice enough to additionally report another critical bug that it appears you have ignored, but should also have immediately be forwarded to the appropriate team and fixed / confirmed to be fixed: https://office365.uservoice.com/forums/289138-office-365-security-compliance/suggestions/16106458-option-to-preserve-contents-of-sharepoint-recycle
I will be mirroring this comment on that, as well. They both need to be fixed immediately if they are not yet.
Douglas Plumley commented
This sounds like a bug, you might open this with MS Premier Support and address it with them.
Dear All, the basic idea of in-place hold is that "ALL" data is preserved and it is what our legal department relies on for obtaining data for all legal proceedings. If a user has any opportunity to bypass this and delete data while on in-place hold, this makes the use of in-place holds in the Compliance Center impossible to be used by us.