New Blog Post | Migrating from Windows Information Protection to Microsoft Purview

By Edwin Chan

 

Introduction

In July 2022 we announced the sunsetting  here: Announcing the sunset of Windows Information Protection (WIP) - Microsoft Community Hub of Windows Information Protection (WIP). The last version of windows to ship with WIP will be Win11 24H2, it will be the first version to not include WIP. However, the decryption capabilities will remain.

 

Why are we doing this?

Windows Information Protection, previously known as Enterprise Data Protection (EDP), was originally released to help organizations protect enterprise apps and data against accidental data leaks without interfering with the employee experience on Windows. Over time, many of you have expressed a need for a data protection solution that works across heterogenous platforms, and that allows you to extend the same sensitive data protection controls on endpoints that you have for the various SaaS apps and services you rely upon every day. To address these needs, Microsoft has built Microsoft Purview Data Loss Prevention (DLP), which is deeply integrated with Microsoft Purview Information Protection to help your organization discover, classify, and protect sensitive information as it is used or shared.

 

What scenarios are in scope?

WIP provided customers with the following key capabilities:

• Extend data protection to managed and unmanaged devices
• Protect enterprise data at rest when it's stored on a protected device
• Restrict which apps, removable drives, printers, network shares, and sites are allowed or restricted from copying, accessing, and storing sensitive data
• Classify data based upon the app or site where it was created, copied, or downloaded.
• Granular controls to designate different levels of data access restrictions
• Remote wipe sensitive data at rest

 

How does deprecation impact WIP users?

WIP as an offering is no longer under active feature development. The sunset process will follow the standard Windows client feature lifecycle, which shows which existing features and capabilities are supported and for what timelines. This was announced in July here.

 

Following this deprecation announcement, the Microsoft Endpoint Manager team announced ending support for WIP without enrollment scenario by EOY 2022, which only impacts unmanaged devices. The announcement by the Microsoft Endpoint Manager team is here. Please visit the Microsoft Endpoint Manager announcement for the latest on the decommissioning of MEM’s support for the ‘unenrolled’ scenario.

 

How should you respond to the deprecation notice?
If you are using WIP without enrollment, Microsoft will be communicating with you directly about the impact to your devices and the timelines for that impact. Please keep an eye on the message center for the latest updates.

Microsoft Endpoint Manager will continue to support WIP with enrollment (managed devices) scenarios for the duration of the OS lifecycle (until 2026) and will continue to offer options to enroll both corporate and personal devices for management (and subsequently to receive WIP policy).

 

How do I start planning for this change?

Refer to this chart for a breakdown of WIP capabilities and how they map to Purview:

 

 

Read the full post here: Migrating from Windows Information Protection to Microsoft Purview