RM Unify and data retention - how we manage users deleted from RM Unify
Published Date : 06 Oct 2017
Last Updated : 11 Sep 2024
Content Ref: TEC5900881
Operating System: (none)
Part No: (none)
Summary
Explains how RM Unify manages data retention.
Symptoms
Under principle 5 of the Data Protection Act, schools need to ensure that cloud service providers retain personal data no longer than is necessary for the purpose for which it was obtained, and this obligation continues to apply under GDPR.
One of the key benefits of RM Unify automating your user management is that it keeps cloud services in sync as users leave your institution. This ensures that cloud service providers know that they can now clear up the data of staff and students who have left.
This article provides further information on how we manage deleted users in RM Unify and connected third-party apps.
Cause
When a user is deleted from your RM Unify establishment, the following will happen:
In RM Unify - delete the user so that no further user updates occur.
In Microsoft® 365 (M365) - unlicense the user (unless you have chosen to opt-out of RM Unify-controlled M365 licensing).
In Google Workspace - suspend the user.
Tell all third-party apps with auto-provisioning that the user has been deleted.
If an RM Unify user remains deleted for nine months or longer, we will run an automatic housekeeping task which will:
In RM Unify - remove all data that RM Unify holds pertaining to the user.
In Microsoft 365 - delete accounts that were linked to the RM Unify user, including user accounts converted to have a shared mailbox. Once deleted, the standard M365 deleted user settings apply to the account, i.e. the account is permanently removed from M365 after 30 days.
In Google Workspace - delete accounts that were linked to the RM Unify user. Once deleted, the standard Google Workspace deleted user settings apply to the account, i.e. the account is permanently removed from Google Workspace after 20 days. Google may change the restoration period of a deleted user and their data. Please check current settings here.
We believe that nine months is long enough to ensure that the person is not returning to your institution and gives you sufficient time to recover any Microsoft 365 or Google Workspace files that you need. You can, however, choose to prevent a particular Microsoft 365 and Google Workspace account from being deleted by the housekeeping task. For more information, see the relevant sections below.
Note: Third-party apps are responsible for their own data retention policies and conformance with GDPR. For more information, please contact the cloud app vendor.
Procedure
How to prevent a Microsoft 365 account from being deleted by the housekeeping task
Excluding a Microsoft 365 account from deletion is a two-step process. This process must be followed, irrespective of whether the account(s) are assigned any type of additional licence intended to archive or retain the Microsoft 365 account:
Move the account to your onmicrosoft.com domain, using the steps appropriate to the type of mailbox the user account has.
Remove the ImmutableID from the account.
Both steps must be completed to prevent deletion. To complete the steps, you will need the following:
To move the account (with a regular mailbox) to the onmicrosoft.com domain
Sign in to the 'Microsoft 365 admin centre' as a global administrator user.
Click Users.
Select the user account to be excluded.
In Aliases, type an alias prefixed with Archive or something similar and select your onmicrosoft.com domain, e.g. SchoolA.onmicrosoft.com.
Click Add. You will now have a new alias, e.g. Archive-JSmith@SchoolA.onmicrosoft.com.
Next to the new alias, click 'Set as primary'. A window will appear to warn about changing the user's sign-in information.
Click Save and Close.
The user's old account name will be retained as an alias. This will prevent the old email address being used to create a new account for any future user. To release the email address to be used in the future, select the user again and select to delete the alias email address.
To move the account (with a shared mailbox) to the onmicrosoft.com domain
Sign in to the 'Microsoft 365 admin centre' as a global administrator user.
Click Users.
Select the user account to be excluded.
Click 'Manage username' and select your onmicrosoft.com domain, e.g. SchoolA.onmicrosoft.com.
Click Save changes.
From Admin Centers, click Exchange.
Under Recipients, click Shared and select the shared mailbox.
Click the email address and highlight the lower-case smtp entry (a secondary address; the upper-case SMTP entry is the current primary) that carries the federated domain, e.g. SchoolA.domain.com.
Click Edit and tick 'Make this the reply address'.
Click OK, Save.
You have now moved the shared mailbox to the onmicrosoft.com domain but retained its existing email reply address.
To remove the ImmutableID from the account
On a computer with an Internet connection, open PowerShell.
Type Import-Module msonline and press Enter.
Next, type Connect-MsolService and press Enter.
Enter your Microsoft 365 credentials when prompted.
Type Set-MsolUser -UserPrincipalName Archive-JSmith@SchoolA.onmicrosoft.com -ImmutableID "$null" and press Enter, replacing Archive-JSmith@SchoolA.onmicrosoft.com with the email address you set as primary in step 5 above.
If you want the user with a regular mailbox to be able to sign into Microsoft 365, then reset their password in Microsoft 365 and ask them to sign in directly via portal.office.com, using their new username and password.
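The following PowerShell function is an added example, not part of the RM Unify article or RM's own tooling. It checks that an account meets both exclusion conditions the article describes (primary UPN on the onmicrosoft.com domain and no ImmutableID) and can clear the ImmutableID using the same command given above. It assumes the MSOnline module is installed, Connect-MsolService has already been run, and the UPN shown is a placeholder.

```powershell
# Added example (not from the article): verify both housekeeping-exclusion
# conditions for a Microsoft 365 account and optionally clear the ImmutableID.
# Assumes an existing Connect-MsolService session.
function Test-RmUnifyExclusion {
    param(
        [Parameter(Mandatory)] [string] $UserPrincipalName,
        [switch] $Fix   # clear the ImmutableID if it is still set
    )

    $user = Get-MsolUser -UserPrincipalName $UserPrincipalName -ErrorAction Stop

    # Condition 1: the primary UPN must be on the tenant's onmicrosoft.com
    # domain rather than the federated school domain.
    $onTenantDomain = $user.UserPrincipalName -like '*.onmicrosoft.com'

    # Condition 2: no ImmutableID, so the account is no longer tied to the
    # RM Unify user that created it.
    $noImmutableId = [string]::IsNullOrEmpty($user.ImmutableId)

    if (-not $noImmutableId -and $Fix) {
        # Same command the article gives; "$null" expands to an empty string,
        # which clears the attribute.
        Set-MsolUser -UserPrincipalName $user.UserPrincipalName -ImmutableId "$null"
        $refreshed = Get-MsolUser -UserPrincipalName $user.UserPrincipalName
        $noImmutableId = [string]::IsNullOrEmpty($refreshed.ImmutableId)
    }

    [pscustomobject]@{
        UserPrincipalName        = $user.UserPrincipalName
        OnOnmicrosoftDomain      = $onTenantDomain
        ImmutableIdCleared       = $noImmutableId
        ExcludedFromHousekeeping = ($onTenantDomain -and $noImmutableId)
    }
}

# Report only (placeholder UPN):
Test-RmUnifyExclusion -UserPrincipalName 'Archive-JSmith@SchoolA.onmicrosoft.com'

# Report and clear the ImmutableID if it is still present:
# Test-RmUnifyExclusion -UserPrincipalName 'Archive-JSmith@SchoolA.onmicrosoft.com' -Fix
```

ExcludedFromHousekeeping is only True when both conditions hold, which matches the article's requirement that both steps are completed.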
How to prevent a Google Workspace user from being deleted by the housekeeping task
There are two options, depending on whether you want to keep or rename the Google Workspace account's email address:
Option 1: Keep the current Google Workspace email address
Sign in to RM Unify as a super admin.
Click Management Console, Users.
In the View filter, select 'Deleted users'.
Click OK.
Select the user and from the Actions menu, select 'Hard delete user'.
Wait a few minutes to allow the RM Unify hard delete request to complete and the user to no longer show in the 'Deleted users' view.
Sign in to Google Workspace as a user with the super admin role.
From the admin console, click Users.
Click 'Add a filter' and select 'Recently deleted'.
Find the user and click Recover.
Select the organisational unit you want to recover the user to and click Recover.
Option 2: Rename the Google Workspace email address
Sign in to Google Workspace as a user with the super admin role.
From the admin console, click Users.
Select the user to rename.
Click the three-dot menu in the top right-hand corner of the user's details page.
Why are the hard deletes of users not recorded in User Audit?
The hard delete of a user and their data should be absolute and we should hold no further record of the user if there is no justifiable reason to. For this reason, we do not log the RM Unify username of a hard-deleted account in the User Audit section of the RM Unify Management Console.
More Information
Free licences for Microsoft 365 are provided to eligible (verified) educational establishments in the UK by Microsoft. To be eligible, students need to be matriculated (enrolled) at the establishment and staff must be employed at the establishment. Once a user leaves the educational establishment, they may no longer be eligible for those free licences.
Please contact Google directly with any questions about your establishment's eligibility for free educational licences. For more info, please visit https://support.google.com/a/answer/134628.