Hello, and welcome to Advanced eDiscovery. Advanced eDiscovery is an additional search and discovery solution offered in Microsoft 365. As the name might imply, Advanced eDiscovery offers more features and capabilities over that of the Core eDiscovery feature.

Advanced eDiscovery offers organizations a complete end-to-end workflow. You can use Advanced eDiscovery to preserve, collect, analyze, review, analyze again, and export content as part of your investigations. 

Once you’ve identified a person of interest and the data sources you are interested in, you can use Advanced eDiscovery to apply a hold to preserve the user’s data. You can then manage the legal hold communication process. Because Advanced eDiscovery allows you to collect data from the source, it allows you to quickly search the live Microsoft 365 platform for the information you are interested in. 

The machine learning capabilities, like deep indexing, email threading, and near-duplicate detection, help reduce the amount of data that you need to sift through.

A key benefit of Advanced eDiscovery is the ability to discover and collect data in-place. This means that you can use Advanced eDiscovery to discover data at the source, while remaining within your Microsoft 365 security and compliance boundary. The ability to collect data in-place like this reduces the amount of work needed, because you don’t have to go back and forth to and from the source to find missing content, which will often happen due to journal lags in other eDiscovery solutions.

Advanced eDiscovery offers native search and collection capabilities for data stored in Teams, Yammer, SharePoint Online, OneDrive for Business, and Exchange Online. These capabilities vastly improve the data discovery process.

For example, if you need to retrieve data from a Teams conversation, what Advanced eDiscovery will do is completely reconstruct Teams conversations. This is vastly superior to just returning individual messages from those Teams conversations.

Advanced eDiscovery also supports hundreds of non-Microsoft 365 file types right out of the box. It can also collect data that’s been imported from third-party sources and archived in Microsoft 365 by data connectors. Some third-party data you can collect with Advanced eDiscovery includes things like Facebook data, Slack data, and Zoom Meetings.

The workflow in Advanced eDiscovery is shown on-screen.

Notice that the first step in the workflow, after creating a case, is to add custodians. Custodians are people that have administrative control of documents that may be relevant to a case.

Once the custodians have been added to the case, you then search for data that you think might be relevant to the case at hand. Like you can do with Core eDiscovery, you can use keywords, properties, and conditions to build search queries. These search queries will then return search results with data that's most likely relevant to the case.

Once the search is complete, you need to add the search results to a review set. Adding this data to a review set causes the returned items to be copied from their original locations to a secure Azure Storage location.

With the returned data added to a review set, you can view and analyze the case data. What you want to do at this stage is reduce the data set to only what is most relevant to your investigation.

Lastly, once you’ve collected, reviewed, and analyzed your case data, you can export the data out of Advanced eDiscovery so it can be reviewed externally or by people who are not part of the immediate investigation team.

Join me in the next lesson, where I’ll explain how to set up Microsoft 365 Advanced eDiscovery.