Blog Post

Security, Compliance, and Identity Blog
3 MIN READ

Migrate legacy exchange DLP policies to the Microsoft Information Protection

PavanKB's avatar
PavanKB
Icon for Microsoft rankMicrosoft
Mar 11, 2021

Today, we are announcing the private preview for the exchange DLP migration wizard and would like you to join the preview and give us your valuable feedback.

 

Over the past year, we have released 27 new predicates for Exchange DLP in the Microsoft 365 compliance center. With these, predicates in the Microsoft 365 compliance center is at par with the legacy exchange admin center predicates.

 

The Exchange DLP migration wizard will enable you to seamlessly migrate the exchange DLP policies managed in the exchange admin center to the compliance center. Microsoft 365 compliance center provides access to advanced classification capabilities like EDM, ML, etc. along with rich alerts, incident management features, and more.​

 

Why move to Office 365 DLP?

Office 365 DLP offers a one-stop solution for DLP needs across your digital estate- SharePoint, One Drive for Business, Teams, Endpoint.
With a data loss prevention (DLP) policy in the Microsoft 365 Compliance Center, you can identify, monitor, and automatically protect sensitive information across Office 365.

With a DLP policy, you can:

  • Identify sensitive information across many locations, such as Exchange Online, SharePoint Online, OneDrive for Business, Microsoft Teams, and Endpoint.

For example, you can identify any document containing a credit card number that is stored on any OneDrive for Business site, or you can monitor just the OneDrive sites of specific people.

  • Prevent accidental sharing of sensitive information.

For example, you can identify any document or email containing a health record that is shared with people outside your organization, and then automatically block access to that document or block the email from being sent.

  • Monitor and protect sensitive information in the desktop versions of Excel, PowerPoint, and Word.

Just like in Exchange Online, SharePoint Online, and OneDrive for Business, these Office desktop programs include the same capabilities to identify sensitive information and apply DLP policies. DLP provides continuous monitoring when people share content in these Office programs.

 

Migration wizard brings over your DLP policies from the Exchange admin center to Office 365 DLP.

  • Save on time and effort to move your policies from EAC DLP to Office 365 DLP.
    Essentially all policies with associated rules are brought over to the Office 365 DLP solution with just a few clicks in the wizard.
  • Minimal post-migration steps
    Since the policies and associated are brought over in the state selected by the admin, fine-tuning to policies is minimal.
  • Supports multi-phase migration
    The policies can be brought over to Office 365 DLP in a phased manner. Choose to start with a single policy and test side by side to evaluate the Office 365 DLP solution. Once satisfied, you can bring over the entire lot of policies that exist on the EAC DLP side.
  • Side-by-side analysis – Test before you deploy.
    Bring over the policies to Office 365 DLP in test mode and compare the GIR to evaluate and test before you move to production.
  • Detailed post-migration reports
    Any rule that may have warnings or errors at the time of migration is captured in the post-migration report. Go over the report to identify gaps (if any).

Sign up for a preview program

If you are interested in using the migration wizard to migrate existing DLP policies, you can join the preview program by filling the consent form & we'll add you to our MIP&C Preview team on Teams.  Please refer to the attached preview guide for more details.

 

Who can join? 

You can participate in the preview program if you have any policies being managed through the legacy exchange admin center.

Preview of timelines 

The preview program will start in March and the features will light up in a phased manner. 

What is your expectation?

Migrate existing policies to the Microsoft 365 compliance center using the migration wizard. If you face any issues or notice any bugs, report it to us on the  Microsoft Teams channel or write us an email at EtrDLPMigration@microsoft.com

Updated May 24, 2021
Version 5.0
  • Hi Prakash NC - Whoever has signed up for the preview program, we have rolled out the Wizard in the tenants for testing purpose. For all others, we have plans in the coming weeks to announce.

  • Prakash NC's avatar
    Prakash NC
    Copper Contributor

    We have DLP policies in Exchange Admin Center but I don't see migration pop up under 365 DLP.

    Is it not started yet?

  • t-rev's avatar
    t-rev
    Copper Contributor

    Will this in any way affect the ability to use Exchange transport rules with the sensitive information types such as PCI, PII, HIPAA, etc? I see them within the DLP area and want to ensure they will not be affected, i.e. can be used in a similar way.

  • RaksChauhan's avatar
    RaksChauhan
    Brass Contributor

    Hey PavanKB 

    Yes, was also wanting to query the same as t-rev has done above. Will the ETRs linked to existing Exchange DLP stop working?

     

    TIA

  • Hi RaksChauhan  / t-rev , You can continue using stand alone ETR's as-is. The policies/rules which are under, EAC-DLP is getting deprecated (no announcement yet). It’s recommended to move the existing Exchange admin center-DLP policies to DLP-ExO in Microsoft 365 Compliance Center. The built-in, wizard which we are planning to roll out soon, with in the compliance portal, will help to migrate at a faster pace.

  • DanielPenrod's avatar
    DanielPenrod
    Copper Contributor

    I was hoping to preview the migration wizard.  The link to the consent form takes me to Bing.

    Is it to late to preview this migration wizard?