Purview Integration during Merger and Acquisitions

arunsekaran​ Before deciding on a unified labelling approach, the first question is what the target tenant looks like:

• Are you consolidating into an existing tenant, or
• Migrating all organisations into a new tenant?

Sensitivity labels are tenant‑scoped, so labels that look identical across tenants are not the same technically.

I’d strongly recommend starting with an impact assessment, covering questions such as:

• Do any labels apply encryption, and if so, what are the encryption rules?
• Are labels applied manually, automatically, or both?
• What label policies exist (default labels, mandatory labelling, role‑specific policies)?
• Are container sensitivity labels used for Microsoft 365 Groups, Teams, or SharePoint sites?
• Are labels referenced in auto‑labelling, DLP, Insider Risk, retention, or other Purview controls?
• Are there custom SITs, scripts, or tools that depend on specific label GUIDs?
• Are labels enforced outside Microsoft 365 (for example via third‑party integrations)?

In an ideal scenario, you define the target labelling framework upfront, then map each source tenant’s labels to that target. If your migration tools support it, relabelling content during migration is the cleanest approach, particularly where one tenant already has large volumes of labelled data.

If content is migrated without relabelling, files may retain their original tenant’s label metadata, but users in the target tenant typically won’t be able to see or manage those labels, and label‑based policies won’t apply consistently.

Hey, arunsekaran​! 😊 There isn’t a native “tenant-to-tenant migration” for Purview sensitivity labels as objects. Labels are tenant-scoped (label IDs/GUIDs and publishing/encryption constructs don’t port cleanly), so in M&A you usually pick a strategy based on how labels are being used.

• If labels apply encryption / user-defined permissions: Microsoft’s common patterns are (1) keep the source tenant available for legacy protected content during the transition, (2) plan a support-led key/TPD move, or (3) “rekey” content (decrypt in source → migrate → relabel/encrypt in destination). See: Mergers and Spinoffs | Microsoft Community Hub
• If labels are classification/markings only: the destination tenant won’t automatically interpret the source label GUIDs, so the typical approach is to recreate a common label taxonomy in the destination and then re-label content after migration using portable signals (e.g., document properties/content markings + auto-labeling). See: Sensitivity Auto-labelling via Document Property | Microsoft Community Hub
• If you only need label interpretation/mapping (not preserving protection), there’s an advanced mapping option using “labelByCustomProperties” (labeling-only). See: Walkthrough for AIP labelByCustomProperties Advanced Feature | Microsoft Community Hub

Question for you: Are most of your existing labels encryption-enabled (especially user-defined permissions), or is this primarily classification/markings today? That detail usually determines whether “bridge temporarily” (keep source tenant) vs “relabel/rekey” is the right primary approach.