Nikki Chapple

Ex-Employee OneDrive Retention: Why Data Is Kept Forever in Microsoft 365 and How to Fix It

Posted on 8 February 2026Updated on 8 February 2026by Nikki Chapple

Ex-employee OneDrive retention is no longer primarily a licensing problem. Since January 2025, Microsoft has reduced one of the biggest historical causes of indefinite OneDrive retention. However, many organisations are still retaining former employees’ OneDrive data for years, sometimes indefinitely.

The reason is governance design.

This article explains how identity lifecycle, OneDrive service behaviour, and Microsoft 365 retention (via Microsoft Purview) interact today; why ex‑employee OneDrive data can still persist indefinitely; and how to design retention so every leaver’s OneDrive reaches a predictable, auditable end‑of‑life.

👉 Read the full guide to understand why ex‑employee OneDrive data can still be retained forever, and how to fix it.

CollabDays Bletchley Park 2025: SharePoint Storage Optimization Recap and Key Takeaways

Posted on 1 October 2025Updated on 1 October 2025by Nikki Chapple

SharePoint storage optimization was the focus of my session at CollabDays Bletchley Park 2025, a fantastic community event that brought together Microsoft 365 professionals to share knowledge and best practices.

My session, “Do We Really Need to Buy More SharePoint Storage?”, addressed a common challenge: organizations hitting storage limits and wondering if buying more space is the only solution.

Do You Really Need More SharePoint Storage? Here’s How to Optimize Instead.

Posted on 30 September 2025Updated on 1 October 2025by Nikki Chapple

Many organizations reach their SharePoint storage limits and assume the only solution is to purchase additional storage. In most cases, you can avoid extra costs by optimizing what you already have. This article explains how to reduce storage consumption by managing file version history, governing site lifecycle, and leveraging Microsoft 365 Archive for inactive content. Keeping your environment lean not only saves money but also improves Microsoft 365 Copilot quality by decreasing ROT (redundant, obsolete, trivial) data that clutters search and AI responses. By applying these measures, you can control costs, enhance compliance, and improve user experience without unnecessary spending.

Why Microsoft 365 Copilot Data Readiness Matters

Posted on 11 September 2025Updated on 11 September 2025by Nikki Chapple

Microsoft 365 Copilot Data Readiness is essential for secure and effective AI adoption. Copilot is transforming the way we work by boosting productivity, creativity, and efficiency across Microsoft 365. But here is the challenge: Copilot surfaces what users already have access to. If your data governance is not in order, sensitive information could be exposed.

So, the big question is:
Is your data ready for Microsoft 365 Copilot?

I recently joined Mark Thompson from The Inform Team for a webinar on this topic. We explored how Copilot interacts with your Microsoft 365 environment, the risks of oversharing, and how to build a secure, governed foundation for responsible AI adoption.

🎥 Watch the full webinar: YouTube Recording

Mastering Records Management in Microsoft Purview: A Practical Guide for AI-Ready Governance

Posted on 9 September 2025Updated on 10 September 2025by Nikki Chapple

Microsoft Purview Records Management has become a critical priority for organizations adopting AI tools like Microsoft 365 Copilot. Because Copilot surfaces everything a user can access, including redundant, obsolete, and trivial (ROT) data, weak governance now directly translates into productivity loss, compliance risks, and potential legal exposure.

In a recent episode of All Things M365 Compliance, I joined Ryan John Murphy and Susan Lamb, Principal Data Governance SME at Infotechtion and former global records management lead at Shell, to explore how Microsoft Purview has evolved and what practical steps organizations must take to clean up their data estate.

Teams Private Channel Messages: Compliance Action Required by Sept 20, 2025

Posted on 3 September 2025Updated on 3 September 2025by Nikki Chapple

Teams private channel messages are moving to group mailboxes, and compliance managers must act before September 20, 2025, to avoid data loss and compliance gaps.

Microsoft is reengineering private channels to improve scalability and simplify governance. This change impacts Microsoft Purview eDiscovery, retention, and DLP policies.

This update was announced in the Microsoft Teams Blog and flagged in the Microsoft 365 Message Center (MC1134737).

📺 Prefer video? Watch the full episode on YouTube and subscribe for more updates!

Ultimate Guide to Microsoft 365 Data Storage Locations (Exchange, OneDrive, SharePoint, Teams & More)

Posted on 3 September 2025Updated on 3 September 2025by Nikki Chapple

Update (September 2025): This post has been updated to include the latest changes to private channel message storage and compliance.

If you’re managing Microsoft 365, you already know it stores data across Exchange, SharePoint, Teams, OneDrive, and more. But do you know exactly where each type of data lives—and which Microsoft Purview tools can help protect it?

In today’s fast-paced digital world, data is the lifeblood of any organization. It is the foundation upon which decisions are made, strategies are formulated, and success is measured. As a user or admin of Microsoft 365, you have access to a powerful suite of tools that enable you to create, store, and manage your data with ease. But with so many applications and features, it can be challenging to know where your data is stored and how to access it. Understanding these Microsoft 365 data storage locations is crucial for effective data management and regulatory compliance.

This comprehensive guide will help you answer the question: Where does Microsoft 365 store your data?

Microsoft Purview DLP: Best Practices for Successful Implementation

Posted on 22 August 2025Updated on 22 August 2025by Nikki Chapple

Microsoft Purview Data Loss Prevention (DLP) is often misunderstood. Many organizations treat it as a quick fix, something that can be switched on in the portal. In reality, DLP is a strategic capability that requires planning, thoughtful policy design, and continuous improvement to be effective.

In a recent episode of the All Things M365 Compliance Podcast, Ryan John Murphy and I were joined by guest Ewelina Paczkowska, Solution Architect at Threatscape and author of the excellent Welkas World blog, to explore how organizations can maximize the value of Purview DLP.

This blog shares some of the best practices and lessons learned from our discussion.

Governing AI Shadow IT with the Microsoft Purview Browser Extension

Posted on 20 August 2025Updated on 22 August 2025by Nikki Chapple

AI tools like ChatGPT, Bard, and Claude are transforming the workplace. From customer service to content creation, employees are increasingly turning to them as productivity boosters. But with this innovation comes a challenge:

⚠️ How do you protect sensitive company data from being unintentionally exposed, while still enabling the benefits of AI?

The answer: the Microsoft Purview Browser Extension — a lightweight, privacy-first tool that gives organizations visibility and control over browser activity without becoming intrusive. When combined with Endpoint DLP, Insider Risk Management (IRM), and Data Security Posture Management (DSPM) for AI, it provides a powerful way to govern risky behavior, including shadow AI.

A four‑step guide to using DSPM for AI to monitor and manage risky behaviour — without compromising privacy
What the Purview Browser Extension is and why it matters
How it works alongside Endpoint DLP and Insider Risk Management (IRM)

How AI Is Reshaping Microsoft 365 Compliance: Insights from Rafah Knight

Posted on 9 August 2025Updated on 9 August 2025by Nikki Chapple

Microsoft 365 AI compliance is fast becoming a critical priority as artificial intelligence transforms how businesses operate. Tools like Microsoft 365 Copilot are reshaping productivity—but they also introduce new challenges for data governance, security, and regulatory alignment.

In a recent episode of the All Things M365 Compliance podcast, I joined Ryan John Murphy and Rafah Knight, founder of Secure AI, to explore how organisations can adopt AI responsibly within Microsoft 365. From mitigating shadow AI risks to aligning with the EU AI Act, we unpacked what legal, IT, and compliance teams need to know.

Here are the key takeaways for managing AI governance and compliance in the Microsoft 365 environment.