Mattermost
  • About Mattermost
    • Mattermost overview
    • Use cases
      • Secure command and control
      • Unified communication
        • Mattermost for Microsoft Teams
        • Mattermost Google Calendar integration
      • DevOps collaboration
      • Incident response collaboration
    • Security overview
    • Integrations overview
    • Subscription overview
    • Self-hosted subscriptions
    • Cloud subscriptions
    • Mattermost editions and plans
    • Corporate directory integration
    • Certifications and compliance overview
    • Frequently asked questions (FAQ)
      • General Mattermost questions
      • Community questions
      • Notifications
      • Video, audio, and screen sharing
      • Enterprise questions
      • License questions
      • Integrations
      • Use cases
      • Product questions
      • High trust questions
      • Design decisions
      • Business questions
      • Illicit use
  • Deploy Mattermost
    • Prepare your Mattermost database
    • Deploy on Ubuntu
    • Deploy using Docker
    • Deploy with a tarball
    • Deploy using Omnibus
    • Deploy using Kubernetes
    • Deploy on Red Hat
    • Prepare for your Mattermost deployment
      • Software and hardware requirements
      • About the Mattermost Kubernetes Operator
      • Administrator tasks
      • Architecture overview
      • Plan your Mattermost implementation
      • Enterprise roll out checklist
      • Welcome email template
    • Deployment guides
      • Server deployment
        • Deployment overview
        • Set up a socket-based Mattermost database
        • Image proxy
        • Backup and disaster recovery
        • Encryption options
        • Configure transport encryption
        • Bleve search
      • Desktop and mobile app deployment
        • Desktop app deployment guide
        • Desktop MSI installer and group policy installation guides (beta)
        • Desktop App custom dictionaries
        • Desktop managed resources
        • Using Mattermost’s pre-built mobile apps
        • Testing push notifications
        • Deploy Mattermost mobile apps
        • Mobile push notifications
        • Building and distributing your own custom Mattermost mobile apps
        • Deploying mobile apps using an EMM provider
        • AppConfig for EMM solutions with Mattermost Mobile Apps
        • Mobile VPN options
        • Mobile apps FAQ
        • Client-side data storage FAQ
    • Deploy Mattermost Apps
      • Settings
      • HTTP
      • AWS
      • Package Apps for AWS
      • OpenFaaS
    • Upgrade Mattermost
      • Prepare to upgrade Mattermost
      • Upgrade Mattermost Server
      • Enterprise install and upgrade
      • Install a license key
      • Release definitions
      • Important upgrade notes
      • Release lifecycle
      • Extended Support Release
      • Downgrade Mattermost Server
      • Version archive
    • Scale Mattermost
      • Scale for Enterprise
      • High availability cluster
      • Elasticsearch
      • Performance monitoring
      • Mattermost performance alerting guide
    • Deployment troubleshooting
      • General troubleshooting
      • Troubleshooting your high scale deployment
      • Troubleshooting mobile applications
      • PostgreSQL installation troubleshooting
      • MySQL installation troubleshooting
    • Changelogs
      • Mattermost changelog
      • Mattermost legacy self-hosted
      • Mattermost legacy Cloud
      • Mobile apps
      • Desktop app
      • Deprecated features
    • Additional server installation guides
      • Deploy Mattermost on Bitnami
      • AWS Elastic Beanstalk Docker setup
      • Install Mattermost Team Edition in GitLab Helm Chart
      • Open source components
  • Manage Mattermost
    • Get started
      • Optimize your workspace
      • Mattermost configuration settings
      • Self-hosted edition and license
      • Cloud subscription, billing, and account
      • Reporting configuration settings
      • User management configuration settings
      • Environment configuration settings
      • Site configuration settings
      • Authentication configuration settings
      • Plugins configuration settings
      • Integrations configuration settings
      • Compliance configuration settings
      • Experimental configuration settings
      • Deprecated configuration settings
      • Environment variables
      • Provisioning workflows
      • Multi-factor authentication
      • Active Directory/LDAP
      • GitLab SSO
      • OpenID SSO
      • Google SSO
      • Office 365 SSO
      • Advanced permissions
      • System admin roles
      • Manage team and channel members
      • Custom branding tools
      • eDiscovery
      • Compliance monitoring
      • Compliance export
      • Legal hold
      • Data retention tools
      • Custom terms of service
      • Notify Admin
      • AD/LDAP groups
      • Use AD/LDAP synchronized groups to manage team or private channel membership
      • Guest accounts
      • SAML Single Sign-On
        • Okta SAML Configuration
        • OneLogin SAML Configuration
        • Microsoft ADFS SAML Configuration for Windows Server 2012
        • Microsoft ADFS SAML Configuration for Windows Server 2016
        • Keycloak SAML Configuration
      • SAML Single-Sign-On: technical documentation
      • Shared channels
      • Statistics
      • In-product notices
      • User satisfaction surveys
      • Health check
      • Announcement banner
      • Bulk export tool
    • Cloud workspace management
      • Mattermost Cloud billing
      • Workspace usage
      • Workspace migration
      • Cloud data residency
    • Self-hosted administration
      • Mattermost self-hosted billing
      • Store configuration in the database
      • Bulk loading data
      • SMTP email setup
      • Email templates
      • Calls deployment
      • Configure CloudFront to host static assets
      • Use an outbound proxy
      • Migration guide
      • Migration from MySQL to PostgreSQL
      • Chinese, Japanese, and Korean search
      • Customize Mattermost
      • Audit logging
      • JSON audit log schema
      • SSL client certificate setup
      • Certificate-based authentication
      • Manage telemetry
    • Other resources
      • Convert OAuth 2.0 providers to OpenID Connect
      • Generate a support packet
      • mmctl command line tool
      • Migration announcement email template
      • Advanced permissions infrastructure
      • Command line tools
  • Use Mattermost
    • Connect and collaborate
      • Access your Mattermost workspace
        • Install the desktop app
        • Install the iOS mobile app
        • Install the Android mobile app
        • Log out of Mattermost
      • Organize using teams
        • Team settings
        • Team keyboard shortcuts
      • Organize using custom user groups
      • Invite people
      • Learn about Mattermost roles
      • Collaborate within channels
        • Channel types
        • Channel naming conventions
        • Communicate a channel's focus and scope
        • Create channels
        • Rename channels
        • Convert public channels to private channels
        • Convert group messages to private channels
        • Join and leave channels
        • Make calls in Mattermost
        • Manage channel members
        • Browse channels
        • Navigate between channels
        • Mark channels as favorites
        • Mark channels as unread
        • Archive and unarchive channels
      • Communicate with messages and threads
        • Send messages
        • Reply to messages
        • React with emojis and GIFs
        • Organize conversations
        • Mark messages as unread
        • Forward messages
        • Share links to channels and messages
        • Save and pin messages
        • Set message reminders
        • Search for messages
        • Format messages
        • Set message priority
        • Mention people
        • Share files in messages
      • Keyboard shortcuts
        • Keyboard accessibility
        • Run slash commands
        • Built-in-slash-commands
      • Extend Mattermost with integrations
        • Collaborate within connected MS Teams
        • Collaborate within embedded MS Teams
        • Use the Mattermost Google Calendar plugin
    • Build repeatable processes
      • Learn about playbooks
      • Work with playbooks
      • Work with runs
      • Work with tasks
      • Work with notifications and updates
      • Work with metrics and goals
      • Share and collaborate
      • Interact with playbooks
    • Customize your preferences
      • Manage your notifications
      • Customize your Mattermost theme
      • Customize your channel sidebar
      • Manage your profile
      • Manage your security preferences
      • Set your status & availability
      • Manage your display options
      • Manage your sidebar options
      • Manage advanced options
      • Customize your desktop app experience
      • Connect to multiple workspaces
  • Develop with Mattermost
  • Get help with Mattermost
  • Join our community
  • Learn how we work
  • Contribute to this documentation
Mattermost
  • Docs »
  • Manage Mattermost »
  • Get started with administration »
  • Legal hold
  • Search
    Edit

Legal hold

plans-img Available on Enterprise plans

deployment-img self-hosted deployments

A legal hold, also known as a litigation hold, is a process that an organization uses to preserve all forms of relevant information when litigation is reasonably anticipated. It’s a requirement established by the Federal Rules of Civil Procedure (FRCP) in the United States and similar laws in other jurisdictions.

Primary use cases include:

  1. Litigation: In anticipation or in the event of a lawsuit, organizations need to preserve all relevant documents and electronic data to ensure they can adequately defend their position. A failure to do so could result in court penalties.

  2. Regulatory investigation: If an organization is being investigated by a regulatory body, it may be required to preserve and produce certain documents or data.

  3. Audits: During an audit, whether internal or external, an organization might need to put a hold on certain data that is relevant to the audit.

  4. Records management: In some cases, organizations might use a legal hold to temporarily suspend the deletion of data that would otherwise be purged as part of its records management policy.

Mattermost is used as a secure collaboration hub by technical and operational teams, with critical documents and data shared on a daily basis. Thus, legal hold is a key requirement for Enterprises and public sector organizations who have deployed Mattermost for their teams, to meet compliance & auditory requirements while minimizing risk.

Below are step-by-step instructions on how to carry out a legal hold for Mattermost with XML-formatted data, Amazon S3 file storage, and archiving and compliance tools, such as Smarsh.

On this page

  • How to carry out a legal hold

    • Step 1: Upgrade to Mattermost Enterprise

    • Step 2: Establish a legal hold policy

    • Step 3: Enable legal hold in Mattermost

    • Step 4: Identify custodians

    • Step 5: Initiate legal hold

    • Step 6: Release legal hold

  • Frequently asked questions

    • Who can implement legal hold?

    • Does a user know if they’re placed under a legal hold in Mattermost?

    • What types of content does legal hold cover?

    • Can users delete their messages while on a legal hold?

    • Can a legal hold be applied retroactively to collect past data?

    • Is legal hold the same as e-discovery?

    • How do I enable e-discovery for Mattermost?

How to carry out a legal hold

Step 1: Upgrade to Mattermost Enterprise

Legal hold is available in Mattermost Enterprise. Learn more about the Enterprise plan & request a quote online at https://mattermost.com/pricing/

Step 2: Establish a legal hold policy

Establish a policy for when to implement a legal hold. This should be developed in consultation with your legal counsel and should include procedures for identifying relevant custodians (those who have potentially relevant information).

Establishing a legal hold policy first enables you to configure the Mattermost system correctly to meet your compliance & auditory requirements, minimizing associated risk.

Step 3: Enable legal hold in Mattermost

1 - Configure your file storage as Amazon S3

  1. In Mattermost, go to System Console > Environment > File Storage.

  2. Set the File Storage System to Amazon S3.

  3. Connect the Amazon S3 storage with Mattermost by specifying the S3 bucket name, prefix, AWS region, and hostname. You may optionally specify the access keys if using IAM roles.

  4. Learn more about file storage configuration options in our product documentation.

Note

  • For legal hold, only Amazon S3 is supported at this time, for increased reliability, compliance and automation capabilities.

  • Support for additional file storage options such as MinIO or local file storage are under consideration.

  • You may also optionally use our API to preserve data for legal hold. See our electronic discovery product documentation to learn more.

2 - Enable compliance exports

Enable compliance exports containing all messages and file uploads in an XML format to your AWS S3 file storage.

The exports include information on channel member history at the time the message was posted, which is critical information for some legal hold use cases. Entries for deleted messages and files are also included.

  1. In Mattermost, go to System Console > Compliance > Compliance Export.

  2. Set Enable Compliance Exports to true.

  3. Set the Compliance Export time. Choose a time when fewer people are using your system, such as 2:00AM your local time.

  4. Set the export file format to Actiance XML.

  5. Learn more about compliance export configuration options in our product documentation.

Note

  • For legal hold, only XML format is supported at this time.

  • Support for additional file formats, such as CSV or EML, are under consideration.

3 - Leverage compliance API in your DLP tool of choice

Connect it directly to the Amazon S3 bucket where compliance exports are stored. Our recommended DLP tool of choice is Smarsh. Learn more about their legal hold & e-discovery processes in their documentation.

You may optionally also use other tools that connect with Amazon S3, such as Active360, AwareHQ, Onna, or Trellix, though our team will be able to provide limited support using these tools.

4 - (Optional) Configure a data retention policy

This is typically implemented alongside legal hold, though is not required.

  1. In Mattermost, go to System Console > Compliance > Data Retention Policies.

  2. Set either a Global retention policy that applies to all messages and files older in your system, or a custom retention policy for specific teams or channels.

  3. Learn more about data retention configuration options in our product documentation.

Step 4: Identify custodians

Select the individuals or user groups that you want to place on legal hold.

Step 5: Initiate legal hold

Use the built-in functionality in Smarsh to specify one or more custodians for legal hold, and the number of days the custodian(s) are placed on legal hold.

While the legal hold is in place, you may edit it by adding or removing custodians, as well as access the preserved data.

Step 6: Release legal hold

Once the legal hold has completed, release it in Smarsh. This action will take custodians off of the legal hold.

Frequently asked questions

Who can implement legal hold?

Only the System Administrator in Mattermost has the ability to implement legal hold.

Does a user know if they’re placed under a legal hold in Mattermost?

No, users will not be notified if they’re placed under a legal hold. This allows for investigations to be conducted without influencing user behavior and without conflicts of interest.

What types of content does legal hold cover?

The legal hold covers all messages and file uploads shared in conversations where the legal hold is active, including messages posted by plugins, bots or webhooks. This includes messages or files shared in public channels, private channels, direct messages and group messages.

However, legal hold does not apply to reactions, playbooks, or audio calls.

Can users delete their messages while on a legal hold?

Yes, users can delete messages, but they are retained for the purposes of legal hold when implemented with the aforementioned steps.

Can a legal hold be applied retroactively to collect past data?

Yes, but this is only guaranteed for existing and future messages/files once legal hold is activated. It won’t recover messages or files that were deleted before the legal hold was activated.

Is legal hold the same as e-discovery?

No. While they serve a related use case, they are not the same.

Legal hold is an initial step to ensure relevant electronically stored information (ESI) is preserved. On the other hand, e-discovery is a multi-step process that uses this preserved data to identify, collect, preserve, process, review, and produce ESI in the context of a legal or investigative process.

How do I enable e-discovery for Mattermost?

Learn more about extracting data for e-discovery in our product documentation.

Previous Next

© Copyright 2015-2023 Mattermost.

Built with Sphinx using a theme provided by Read the Docs.
  Options 
Contribute
Report a Problem
Edit on GitHub
×
Inc. Recognizes Mattermost as a 2023 'Power Partner'!
Mattermost Logo
  • Platform

    Platform

    • Channels
    • Playbooks
    • Security
    • Integrations

    Benefits

    • Control of Collaboration
    • Risk & Error Reduction
    • Decision Optimization
    • Open Source

    Interoperability

    • MS Teams
    • Atlassian

    Featured Resource

    Our most popular content.

    Platform Overview Video »
  • Solutions

    Solutions

    • Use Cases
    • Industries
    • Customers
  • Pricing
  • Developers

    Developers

    • Deploy
    • Integrate
    • Contribute
    • Blog
    • Resources
    • Community
    • Academy
    • Docs
    • API Reference
    • Release Notes
  • Enterprise
  • Login

    Login

    • My Workspace
    • Admin Portal
    • Apps
    • Support
  • Get Started
  • Contact Sales