All right, so now that we've gone over what a DSR is, let's start looking at how to do a DSR. So the first step is actually doing the discovery process, which if you remember from before is a first process in any DSR requests. If you don't do the discovery, how are you gonna know what needs to be deleted or what needs to be exported or what permissions need to be restricted. So to do any DSR requests, you will need to do the discovery process.

So a DSR is completed inside of the security and compliance center. To actually be able to do a DSR, you will need to have the eDiscovery Manager permissions that is set down here. So if you go to permissions, if we sort by name, it will be easy to find in, you see the eDiscovery Manager here, you can then add your members into this eDiscovery Manager, and they'll be able to do it. If you're a global admin, you'll already have rights to do it so you don't need to worry about it, but if you're not, you will need those rights and also if you're delegating this responsibility to somebody else, they will need rights to be able to do it as well.

So let's actually get started. So what we need to do is go to data privacy, and then go to data subject requests. Inside of the data subject requests, you can open the ones that you have done previously. So what we're gonna do is create a new data subject rights case. So we're going to call this Christine and the person who has filed this is going to be Christine Cline. So for this example, Christine Cline has filed a data subject rights request with our organization, and we've put her in here as the person who's filed the request, then we confirm our case settings. So then it says you have successfully created the new DSR case. And as you see here, it gives you a little tool tip. If you run this search now, we will look for data in email, public folders, Skype, Teams, ToDo, SharePoint and Teams sites, and OneDrive accounts. So you can click finish if you don't wanna run the search yet, or you can click show me the results.

If you wanna run the search right now, you click show me the results. So you can see here it is searching. You can cancel it if you want, but we don't want to do that. On the left-hand pane, it will give you the information about what the search query is that it's running. So here we can see that it is looking for participants with the user, or now this is a big difference, or an and, if you have or, it will be either, either. If you have and, it means you will be doing it, it needs to match this search and the next search. Once it's finished its initial search, it will give you a list of what it's found. So you can see here, we've found all of these emails and we can click them and review them. And there's three pages of them.

Another thing you can do is change the amounts in the search results. I just like to have the maximum, because that makes things easier rather than having to click next, next, next, it's better to have the maximum. Yeah, basically you can preview your search results in this. If these search results are not finding what you're looking for, or it's not matching what is on the data subject requests, there is some stuff that you can do to change the query revolving around this search.

Now up here, there is the information on actually creating your search query to match content. So it's got the click here button. So if we click there, it takes you to the documentation site of all of the searchable properties. So you can see here when we're doing searchable properties, here's the searchable email properties, and we can use these flags in the search. So as you see here, like category, red category. So in here, we can see what our current keywords are. So participants, so we're looking for participants or the author or created by. So at the moment, it's basically gonna find all the participants, all of the emails where Christine C was it participating in that email, or all of the documents that have the author of Christine Cline or all of the documents that are created by Christine Cline.

So let's say we wanted to narrow this down to a specific folder or something. You could go here and you could find here, folder ID. So as you can see here, if we had the GU ID of a folder ID, you could then say, this folder ID and the participants, Christine Cline. So let's say we only wanted to return the details of files that Christine Cline had saved in a particular area. You could use this sort of query to then return that information.

Now, this stuff is really useful for when you're getting a massive search result in a massive data set, and you don't actually wanna release that whole data set for some reason. Maybe that is not a subject of that DSR requests, or maybe that's just not needed for some internal reason and you have a justification for it. So you can use these to filter down, to match the actual DSR requests and not all of them are about emails.

There is, if we scroll down further, the site properties. So, like what we seen before, author, you can also use content type. But yeah, this site's pretty good. It's got all of the information that you need to build your queries. So the other thing we can do is add and remove more options. So if we tick this, you can see currently, we're searching for emails, documents, instant messages. So you can see here, it's not looking at tasks, it's not looking at task requests. We're not looking at encrypted notes. So if you needed these things or let's say your data subject requests did not include documents, you could untick documents so you don't get documents in the response, or you don't get email, or you could say, it's only for emails, you would then just only have emails and then hit save.

Another thing you can do too, is filter to specific location. So if you wanted it in a specific location, you can also filter that. So for example, if there's only one SharePoint site that needed to be checked for all of this data subjects, then you would just choose the site by clicking that and going choose site. So all of these options are helpful to filter down and get the right data inside of your DSR search.

So let's go search and run and you can see here, the status is running query. These queries can take quite some time to run. Sometimes it's better to come back afterwards when they're finished, or you can stay here and wait if you want. So now you can see here, I've left this to run for a little while because it was taking a long time, but the search is now completed and we've gone back to the searches field here, clicked on the search for Christine, which we've found and we can find that we found 82 items here and it searched 70 email boxes, all sites and all public folders. 

What we can do from here is we can use this information or we can view and export the results. So if we wanted to use this information, we would export the report and then use the report to then go and find, let's say there was a permissions change requests. We could use this report to then go and change the permissions.

So let's say there was a data subject rights requests where we needed to give them all the data. Then we can use the export results. So those two buttons are up here. So let's click export results. When you click that, it's going to ask you a couple of questions. How do you wanna output this information? Do you want all items, excluding the ones that have an unrecognizable format, are encrypted or when indexed for some other reasons? Or do you want all of the items, including ones that aren't recognizable or that they're encrypted or that they weren't indexed?

Now, some of these times you will to include the unrecognizable format. Let's say there's some strange file types that are applicable, but you know, Microsoft 365, doesn't recognize the format of the file. Then you would want to export that file. But let's say you only wanted them to have the emails and Excel documents and Word documents associated with that, you don't want to have any of the unrecognizable files, then you would choose the first one. The other option is to only use the unrecognizable files or encrypted files or files that weren't indexed for some other reason. Either way, you just pick the one that is most applicable to you.

So I'm going to use all items excluding the unrecognizable format, and then you can, how do you wanna extrapolate the exchange content? Do you want one PST for each mailbox or one PSYT containing all of the messages? It can be useful to have one PST file for each mailbox, then you can see which mailbox it was sitting in rather than have all of those emails sitting in the one PST. Either way, you just use the correct one that fits the purpose of this DSR request. So we're just gonna use that first option. You could also include the versions for the SharePoint sites, which we might, and then you click export.

Now what's going to happen here is it's gonna generate the export requests. This isn't gonna automatically start exporting, this can take quite some time to happen. Don't expect the export to be ready in two minutes. This will spin around saying, please wait, for a while. When it is finished, it will be doing the export in the background, not the foreground. So you can see here that has done the little export request, and it will be exporting in the background.

Let's also export the report and same here, you've got the different reports for the different use cases. We're just gonna use the first one and do the same thing, generate the report. So there, as you can see, nothing's happened, it just looks like it's spun around for a second and didn't do anything. So what's actually happening in the background is if we go to the export section, you can see here, there is two exports currently.

So we've got the Christine export, which is the export of the data, and we've got the reports only, which is just the report of the data. If we click on it, you can see it is currently still generating this report. It's got this blue field here. It says, we're getting your search results ready. So you need to wait. Basically, this is gonna happen in the background. The bigger your organization is and the more data that you have in Microsoft 365, the longer it's going to take to be ready.

So now we've waited a while and these reports should be finished so we can click on them. And we should see here, once this window loads, that the report is ready for a download. So this is the reports only, this is not the full data export. So what you need to do here is you need to go download report, and then it should start loading. And it will say, do you wanna open this file? So, one thing to note is if you don't have the Unified Export tool installed, you will need to install it. It will come up with this window that I'm showing you on the screen, and basically you just click on it to install it. 

Once it's installed, I've already got it installed on this computer so I can open. What you're gonna need is this export key here. So if we copy that to the clipboard and paste it in here, and if we go browse, choose where you want it to download to and press start. So you can see here, we're downloading this into Christine reports only and into this folder. And when it's finished, you'll get these three ticks to say that Office 365 has prepared your data and the data has been downloaded and the processing has been completed.

So then you go close and now we should be able to see this data inside of the downloads folder. You'll see that we have the reports here. So you can open the export summary and inside of this, we can see the information that was reported. So then you can use it as you need to. So that's basically how to do the export of the report. If we exit that. There also this one with the results with more information. So here you can say the recipients and all of this stuff, and then you can use this information to go and find the data, or if they only wanted to know what data there was on them, you can use this information for that. So let's close that.

So now the next part is the actual export that we generated. So now this is not the report. This is the export. So the same thing, if we go download results, open that, we need to copy this to the clipboard, paste it in here, and also put it, we're just gonna put it into the downloads folder once again, and now we're going to start the download of this information. Now this one, depending on the data size, can take quite some time. We don't have too much data, so it shouldn't take too long to download, but yeah, it is something to be aware of. The more data you are downloading, the larger the file is gonna be, which also means that it's gonna take longer to download. There we go. The data has been downloaded and now it's processing and now it's done.

So what this download does, cause we've downloaded the results this time, not the report. The report was just giving us the information of where that data was stored. This will now give us the actual data in the download. So you can see here, the export and here we go. So we've got the exchange data and the SharePoint data, and we've also got the summary and the results, the same as what was in the other one, but this time we've got the data as well.

So you can see here, if we go into SharePoint and go drill down, here's all the files that showed up in our results. And the same, if we go back and go into exchange, here's all of those PSTs, because we remember we selected those PSTs to be in separate PSTs, not all in one. If we had a selected all in one, it would be an all in one PST. So yeah, that's basically how to do a search for information and then download the report or download the results.