It would be nice to have the ability to encrypt a spilled message versus having to delete it.
If we could deem a message as unrecoverable by encrypting it, we would save countless hours trying to remove the message from the Non-IPM subtree.
Currently it takes 4 hours to turn Single Item Recovery and Litigation Hold off. We then need to increase Deleted Item retention, and stop the managed folder assistant off. Then destroy the message, and put the mailbox back in its original state (another 4 hours)
If we could leave all of the holds, and Single Item Recovery in place, Delete the message to the Purges folder, then encrypt it we would save a minimum of 8 hours per incident.
I believe the above idea would save countless man hours, increase consumption and decrease service calls.