Platform
- Data Security Cloud
  Data Security Cloud
  Fully managed data security across enterprise, cloud, SaaS, and end user.
- Data Protection
  Data Protection
  Modernize data protection to reduce costs and complexity
- Cyber Response & Recovery
  Cyber Response & Recovery
  Bounce back from cyber attacks with data that is always safe and ready.
- eDiscovery & Compliance
  eDiscovery & Compliance
  Secure, protect, and streamline data governance.
- Meet Dru - Your Copilot for Data Security
Solutions
- Use Cases
  Use Cases
  Learn how Druva helps you accelerate key business initiatives
- Key Technologies
  - Public Cloud
    Public Cloud
    Protect native AWS and Azure deployments with secure backups without the cost and complexity
    
    Amazon EC2
    
    Amazon RDS
    
    Azure
  - Hybrid Workloads
    Hybrid Workloads
    Transform data center backup and disaster recovery for virtual environments
    
    VMware
    
    Hyper-V
    
    Nutanix
    
    Oracle
    
    MS SQL
    
    SAP HANA
    
    NAS/files
  - Endpoint and SaaS Apps
    Endpoint and SaaS Apps
    Enterprise Cloud Backup and data management across edge, on-premises and cloud workloads
    
    End User Protection
    
    Microsoft 365
    
    Salesforce
    
    Google Workspace
    
    Microsoft Entra ID
    
    Microsoft Dynamics 365
- Free Trial
Customers
- Explore All Customer Stories
  We are trusted by the world's leading organizations to protect their data. Explore customer success stories to see how your peers are using Druva.
- Ransomware recovery ready
  Learn why Medallia chose Druva
  
  SaaS data protection across the enterprise
  See why Regeneron partnered with Druva
Resources
- Druva vs. Veeam TCO Calculator
  Find the hidden costs of legacy backup
  
  Forrester: Total Economic Impact of Druva 2024
  Customers see 224% ROI: Find out how
Partners
- Programs
  Programs
  Learn how you can profit with Druva and a cloud-first SaaS selling motion. Explore partner programs, access resources, and discover the benefits of partnering with Druva.
- Strategic Partners
  Strategic Partners
  Learn about Druva's strategic capabilities across platform, OEM, and other partnerships. Find out how Druva accelerates and protects customers' cloud journeys.
  - Dell Technologies
  - AWS
  - VMware
  - Nutanix
- Become a Partner
Company
- - Company
  - Leadership
  - Investors
  - Careers
  - Contact Us
  - Newsroom
  - Awards
  - Events
  - Diversity, Equity & Inclusion
  - Blog
- Get in touch with us
  Contact Us
  
  News, product innovations, and more
  Blog
Get Started
Support
Login
Language
- English
- Deutsch

Product

Core eDiscovery in Microsoft 365 and how Druva plays a role

April 29, 2021 Babu Pillai, Product Manager

What is eDiscovery?

Electronic discovery (eDiscovery) is identifying, collecting, and producing electronically stored information (ESI) in response to a request for information in a lawsuit or investigation. This usually includes emails, documents, databases, audio, and video files.

eDiscovery can be associated with litigation, which has a specific requirement that documents be put on a legal hold or litigation hold (not to delete or change) while the case is open, and should be allowed to search for specific needs. The legal hold is released once the case is closed.

Microsoft’s eDiscovery

Microsoft allows Microsoft 365 customers to enable eDiscovery capabilities via their E3 and E5 licenses.Core eDiscovery allows eDiscovery managers to create cases and legal holds, and search for data. This allows users to put legal holds on various Microsoft cloud locations, including Exchange emails, OneDrive, SharePoint, and Teams data.

Advanced eDiscovery is built on top of existing eDiscovery capabilities and provides an end-to-end workflow to preserve, collect, analyze, review, and export data. This lets users create custodians to group locations together. Read more about advanced eDiscovery in Microsoft’s documentation here.

Users can explore results via a plug-in connected with Microsoft Edge.

License requirements

Microsoft 365’s E3 license provides core eDiscovery capabilities while its E5 license provides both core and advanced eDiscovery capabilities. E3 users can add advanced eDiscovery features with an extra add-on that costs $10 per user.

Core eDiscovery process

Core eDiscovery in Microsoft 365 provides a basic eDiscovery tool that organizations can use to search and export content. Core eDiscovery can place an eDiscovery hold on content locations, such as Exchange mailboxes, SharePoint sites, OneDrive accounts, and Microsoft Teams, to search, export, and preserve content.

Below is a sample workflow on how core eDiscovery works:

eDiscovery managers create a case
Add locations (Exchange mails and OneDrive/SharePoint contents, chats and messages) and create legal hold(s)
Search data, preview results and export contents to Azure Blob Storage
- Can use export tool to download and review the data
- Exported results will be kept for two weeks
Once a case is resolved, it will be closed and all holds will be released

Advanced eDiscovery process

Microsoft provides advanced capabilities by extending the capabilities of basic eDiscovery.

Below is a sample process workflow:

eDiscovery manager creates a legal case
Add data custodians (Exchange mails and OneDrive locations are added automatically)
Add extra locations (SharePoint/Teams files, chats, and messages) where needed
Create holds
Search data
Create review sets
Upload external data if required
Search inside specific results
Export results
- Results will be moved to Azure Blob Storage
- Can use Azure Storage Explorer to download the data

Druva, legal hold, and eDiscovery

Druva enables core and advanced eDiscovery capabilities, and allows eDiscovery managers to place legal holds and use eDiscovery capabilities via theDruva Elite license. This license currently supports both Exchange emails and OneDrive locations, along with Gmaill, Google Drive and Slack. Support for Microsoft SharePoint and Microsoft Teams is coming soon.

Once custodians are identified, Druva can put a legal hold on collections associated with that user. Druva can also extend eDiscovery to endpoints including laptops and mobile devices. Druva’s eDiscovery process is relatively simple by associating custodians with the case, and searching the data, before generating a report and exploring the results.

A Druva eDiscovery administrator collects data from selected locations and downloads the collection details from the admin console. The details can then be reviewed for associated legal cases.

A download client is available to explore the results for both Windows and Mac environments. Refer to Druva’s documentation to learn more,and read our joint white paper with Lighthouse to learn more about Druva’s eDiscovery and forensic capabilities.

Key takeaways

Druva offers a single eDiscovery solution for multiple data sources including Microsoft, Google, and Slack. Its enhanced functionality delivers central visibility and federated data search across multiple data collection sets, allowing users to resolve legal cases quickly and efficiently. Druva enables the discovery of contents which are already backed up and protected. Legal teams can leverage Druva’s capabilities to place litigation holds on contents to identify specific data when working with legal teams.

For more information, read our eDiscovery cost savings guide for a look at how to optimize your processes and cut costs up to 30 percent.

Core eDiscovery in Microsoft 365 and how Druva plays a role

What is eDiscovery?

Microsoft’s eDiscovery

License requirements

Core eDiscovery process

Advanced eDiscovery process

Druva, legal hold, and eDiscovery

Key takeaways

Druva Blog: Cloud Technology & Data Protection Articles

Druva Data Security Cloud

The Druva Platform

Data Protection

Cyber Response & Recovery

eDiscovery & Compliance

Use Cases

Key Technologies

Customers

Resources

Partners

Company