Guidance: Sensitivity Labels during Mergers & Acquisitions (separate tenants, non-M365, etc.)

Hi lviskovic​

When dealing with Microsoft Purview sensitivity labels during mergers and acquisitions, keep the focus on clarity and temporary controls rather than perfection.

If the organizations stay on separate tenants, you can avoid a blanket “Internal” label because trust is not yet shared, so split it into simple, clear scopes like “Internal – Company A” and “Internal – Deal Team,” and use dedicated Teams or SharePoint sites for deal work with one enforced label per workspace. 

Reduce friction by relying on container labels instead of file‑by‑file labeling, limiting guest access to named groups and avoiding heavy auto‑labeling early on. This lets people collaborate safely without opening up the entire tenant.

For labels and content coming from the acquired organization, don’t rush to merge everything. If they already use labels, run both taxonomies for a while, choose a target model and gradually re‑label the most sensitive content first. If they are not on Microsoft 365, migrate content first with restricted access, then apply labels once it’s in place. Labels work best as the new control layer, not as a replica of old permissions. The biggest pitfalls are over encrypting too early, keeping too many custom permission labels and assuming legacy permissions equal sensitivity.

Most importantly, Keep the labels simple during the transition, monitor sharing closely and plan a clean‑up once the organizations are ready to fully integrate. I would avid using generalized label for both companies at the early stage and try to cut down those common labels by narrowing it to specific department or functional labels. 

If you find the answer useful, please do not forget to like and mark it as a solution 🙂