I’m still waiting for the arrival of Loop components in OWA. After writing about the announcement of Loop support for OWA in MC360766, I was asked about the eDiscovery and Compliance issue reported in the message center post and why some organizations might block the use of Loop components until Microsoft delivers a solution.
The same problem exists for Loop components created in Teams chat. Let me explain what the problem is by going through an example.
Creating a Problem in a Loop Component
First, we create a compliance issue in a Loop component posted in a Teams chat. In this case, it’s a conversation about potentially fraudulent activity (Figure 1) in a Loop paragraph. The physical storage for the component is in a fluid file stored in the originator’s OneDrive for Business account. Like other files shared in chats, the file is in the Microsoft Teams Chat Files folder.
Figure 1: A problem conversation in a Loop component in Teams chat
It’s worth noting that Teams DLP policies do not currently check the content of Loop components. For instance, if the organization deploys a DLP policy to prevent users from sharing credit card numbers, it blocks this activity in regular chats, but not in Loop components.
Searching for Loops
I then opened the Microsoft Purview Compliance portal and created a new content search to look for any file or email containing the keyword “Arkana” as used in the Loop component. The search found three items, including one called “The Plan” (Figure 2).
Figure 2: A chat with a Loop component is found by a content search
As I note in a discussion about using Loop components in Teams chat, the Microsoft 365 substrate generates compliance records for messages posted in Teams chats. Although the substrate captures compliance records for messages containing loop components, they are empty apart from a link to the fluid file in their source OneDrive for Business account. For this reason, the compliance records do not appear in search results.
Accessing Loop Component Content
The content search preview does not support files containing loop components and displays the error:
“This document type is not supported by preview.”
To view the content, you can download a copy of the file from the search preview. This creates a file without an extension that cannot be opened. To solve the problem, I did the following:
Gave the file the same fluid extension (e.g., The Plan.fluid) as used when Teams stores files containing Loop components in the Microsoft Teams Chat Files folder in OneDrive for Business.
Moved the file into my OneDrive for Business account. Any folder will do.
Double-clicked on the file. Office.com opened and displayed the contents (Figure 3).
Figure 3: A copy of a Loop component file opens in Office.com
The good news here is that an investigator can at least download Loop components from a content search preview to examine their contents. The bad news is that this needs to be done on a file-by-file basis.
Exporting Loops in Search Results
After using search preview to make sure that a search locates results that they want, the next step for compliance investigators is to export search results. A preview is just that: a snapshot of what to expect when a search runs. Before an export can happen, Microsoft 365 runs a full search. This might find items overlooked in the preview. In our test, the export included the fluid file containing the interesting content (Figure 4).
Figure 4: Loop component files exported by a content search
The problem now starts to become obvious. You can’t open a fluid file from exported search results. You can if you copy the file to your OneDrive for Business account, but not in its export location. I suspect that this is due to permissions. When you move or copy a fluid file into your OneDrive for Business account, you have full control over it. Left in the search export location, metadata containing permissions in the file likely stops someone from opening it unless they have permission to.
This causes a huge problem for investigators. It might be workable for internal investigators to copy discovered fluid files to their personal OneDrive for Business account to review the files there. It’s not feasible for external investigators and experts to do the same, especially if they don’t have access to OneDrive for Business or want to work offline.
I believe this is the reason why Microsoft is working on “an offline consumable export format.” In other words, as the search export process extracts copies of files containing Loop components from their source locations, it will create something like a PDF version of the files. If this doesn’t happen soon, more organizations will consider blocking Loop components for all Microsoft 365 apps, adding to Microsoft’s difficulties in convincing people that this method of collaboration is a real advance.
Same Issue for Emails
The same issue will occur in emails with embedded Loop components. These files will probably live in the sender’s OneDrive for Business account with permissions granted to all recipients to interact with the components. Microsoft will need to do the same magic to convert Loop content in emails to something consumable outside the tenant.
Of course, quite how this scheme works when external recipients are part of the addressee list remains to be seen. It might be that these recipients see a static version of the Loop content. I’ll let you know when OWA support for Loop components becomes available.
Insight like this doesn’t come easily. You’ve got to know the technology and understand how to look behind the scenes. Benefit from the knowledge and experience of the Office 365 for IT Pros team by subscribing to the best eBook covering Office 365 and the wider Microsoft 365 ecosystem.
{"id":null,"mode":"button","open_style":"in_modal","currency_code":"EUR","currency_symbol":"\u20ac","currency_type":"decimal","blank_flag_url":"https:\/\/office365itpros.com\/wp-content\/plugins\/tip-jar-wp\/\/assets\/images\/flags\/blank.gif","flag_sprite_url":"https:\/\/office365itpros.com\/wp-content\/plugins\/tip-jar-wp\/\/assets\/images\/flags\/flags.png","default_amount":100,"top_media_type":"featured_image","featured_image_url":"https:\/\/office365itpros.com\/wp-content\/uploads\/2022\/11\/cover-141x200.jpg","featured_embed":"","header_media":null,"file_download_attachment_data":null,"recurring_options_enabled":true,"recurring_options":{"never":{"selected":true,"after_output":"One time only"},"weekly":{"selected":false,"after_output":"Every week"},"monthly":{"selected":false,"after_output":"Every month"},"yearly":{"selected":false,"after_output":"Every year"}},"strings":{"current_user_email":"","current_user_name":"","link_text":"Virtual Tip Jar","complete_payment_button_error_text":"Check info and try again","payment_verb":"Pay","payment_request_label":"Office 365 for IT Pros","form_has_an_error":"Please check and fix the errors above","general_server_error":"Something isn't working right at the moment. Please try again.","form_title":"Office 365 for IT Pros","form_subtitle":null,"currency_search_text":"Country or Currency here","other_payment_option":"Other payment option","manage_payments_button_text":"Manage your payments","thank_you_message":"Thank you for supporting the work of Office 365 for IT Pros!","payment_confirmation_title":"Office 365 for IT Pros","receipt_title":"Your Receipt","print_receipt":"Print Receipt","email_receipt":"Email Receipt","email_receipt_sending":"Sending receipt...","email_receipt_success":"Email receipt successfully sent","email_receipt_failed":"Email receipt failed to send. Please try again.","receipt_payee":"Paid to","receipt_statement_descriptor":"This will show up on your statement as","receipt_date":"Date","receipt_transaction_id":"Transaction ID","receipt_transaction_amount":"Amount","refund_payer":"Refund from","login":"Log in to manage your payments","manage_payments":"Manage Payments","transactions_title":"Your Transactions","transaction_title":"Transaction Receipt","transaction_period":"Plan Period","arrangements_title":"Your Plans","arrangement_title":"Manage Plan","arrangement_details":"Plan Details","arrangement_id_title":"Plan ID","arrangement_payment_method_title":"Payment Method","arrangement_amount_title":"Plan Amount","arrangement_renewal_title":"Next renewal date","arrangement_action_cancel":"Cancel Plan","arrangement_action_cant_cancel":"Cancelling is currently not available.","arrangement_action_cancel_double":"Are you sure you'd like to cancel?","arrangement_cancelling":"Cancelling Plan...","arrangement_cancelled":"Plan Cancelled","arrangement_failed_to_cancel":"Failed to cancel plan","back_to_plans":"\u2190 Back to Plans","update_payment_method_verb":"Update","sca_auth_description":"Your have a pending renewal payment which requires authorization.","sca_auth_verb":"Authorize renewal payment","sca_authing_verb":"Authorizing payment","sca_authed_verb":"Payment successfully authorized!","sca_auth_failed":"Unable to authorize! Please try again.","login_button_text":"Log in","login_form_has_an_error":"Please check and fix the errors above","uppercase_search":"Search","lowercase_search":"search","uppercase_page":"Page","lowercase_page":"page","uppercase_items":"Items","lowercase_items":"items","uppercase_per":"Per","lowercase_per":"per","uppercase_of":"Of","lowercase_of":"of","back":"Back to plans","zip_code_placeholder":"Zip\/Postal Code","download_file_button_text":"Download File","input_field_instructions":{"tip_amount":{"placeholder_text":"How much would you like to tip?","initial":{"instruction_type":"normal","instruction_message":"How much would you like to tip? Choose any currency."},"empty":{"instruction_type":"error","instruction_message":"How much would you like to tip? Choose any currency."},"invalid_curency":{"instruction_type":"error","instruction_message":"Please choose a valid currency."}},"recurring":{"placeholder_text":"Recurring","initial":{"instruction_type":"normal","instruction_message":"How often would you like to give this?"},"success":{"instruction_type":"success","instruction_message":"How often would you like to give this?"},"empty":{"instruction_type":"error","instruction_message":"How often would you like to give this?"}},"name":{"placeholder_text":"Name on Credit Card","initial":{"instruction_type":"normal","instruction_message":"Enter the name on your card."},"success":{"instruction_type":"success","instruction_message":"Enter the name on your card."},"empty":{"instruction_type":"error","instruction_message":"Please enter the name on your card."}},"privacy_policy":{"terms_title":"Terms and conditions","terms_body":null,"terms_show_text":"View Terms","terms_hide_text":"Hide Terms","initial":{"instruction_type":"normal","instruction_message":"I agree to the terms."},"unchecked":{"instruction_type":"error","instruction_message":"Please agree to the terms."},"checked":{"instruction_type":"success","instruction_message":"I agree to the terms."}},"email":{"placeholder_text":"Your email address","initial":{"instruction_type":"normal","instruction_message":"Enter your email address"},"success":{"instruction_type":"success","instruction_message":"Enter your email address"},"blank":{"instruction_type":"error","instruction_message":"Enter your email address"},"not_an_email_address":{"instruction_type":"error","instruction_message":"Make sure you have entered a valid email address"}},"note_with_tip":{"placeholder_text":"Your note here...","initial":{"instruction_type":"normal","instruction_message":"Attach a note to your tip (optional)"},"empty":{"instruction_type":"normal","instruction_message":"Attach a note to your tip (optional)"},"not_empty_initial":{"instruction_type":"normal","instruction_message":"Attach a note to your tip (optional)"},"saving":{"instruction_type":"normal","instruction_message":"Saving note..."},"success":{"instruction_type":"success","instruction_message":"Note successfully saved!"},"error":{"instruction_type":"error","instruction_message":"Unable to save note note at this time. Please try again."}},"email_for_login_code":{"placeholder_text":"Your email address","initial":{"instruction_type":"normal","instruction_message":"Enter your email to log in."},"success":{"instruction_type":"success","instruction_message":"Enter your email to log in."},"blank":{"instruction_type":"error","instruction_message":"Enter your email to log in."},"empty":{"instruction_type":"error","instruction_message":"Enter your email to log in."}},"login_code":{"initial":{"instruction_type":"normal","instruction_message":"Check your email and enter the login code."},"success":{"instruction_type":"success","instruction_message":"Check your email and enter the login code."},"blank":{"instruction_type":"error","instruction_message":"Check your email and enter the login code."},"empty":{"instruction_type":"error","instruction_message":"Check your email and enter the login code."}},"stripe_all_in_one":{"initial":{"instruction_type":"normal","instruction_message":"Enter your credit card details here."},"empty":{"instruction_type":"error","instruction_message":"Enter your credit card details here."},"success":{"instruction_type":"normal","instruction_message":"Enter your credit card details here."},"invalid_number":{"instruction_type":"error","instruction_message":"The card number is not a valid credit card number."},"invalid_expiry_month":{"instruction_type":"error","instruction_message":"The card's expiration month is invalid."},"invalid_expiry_year":{"instruction_type":"error","instruction_message":"The card's expiration year is invalid."},"invalid_cvc":{"instruction_type":"error","instruction_message":"The card's security code is invalid."},"incorrect_number":{"instruction_type":"error","instruction_message":"The card number is incorrect."},"incomplete_number":{"instruction_type":"error","instruction_message":"The card number is incomplete."},"incomplete_cvc":{"instruction_type":"error","instruction_message":"The card's security code is incomplete."},"incomplete_expiry":{"instruction_type":"error","instruction_message":"The card's expiration date is incomplete."},"incomplete_zip":{"instruction_type":"error","instruction_message":"The card's zip code is incomplete."},"expired_card":{"instruction_type":"error","instruction_message":"The card has expired."},"incorrect_cvc":{"instruction_type":"error","instruction_message":"The card's security code is incorrect."},"incorrect_zip":{"instruction_type":"error","instruction_message":"The card's zip code failed validation."},"invalid_expiry_year_past":{"instruction_type":"error","instruction_message":"The card's expiration year is in the past"},"card_declined":{"instruction_type":"error","instruction_message":"The card was declined."},"missing":{"instruction_type":"error","instruction_message":"There is no card on a customer that is being charged."},"processing_error":{"instruction_type":"error","instruction_message":"An error occurred while processing the card."},"invalid_request_error":{"instruction_type":"error","instruction_message":"Unable to process this payment, please try again or use alternative method."},"invalid_sofort_country":{"instruction_type":"error","instruction_message":"The billing country is not accepted by SOFORT. Please try another country."}}}},"fetched_oembed_html":false}
I was at ignite and Microsoft told me they are now supporting DLP policies for Loop, but still trying to confirm this
DLP can process OneDrive content, so it’s possible that this is how they are doing it. I need to check.