The only way to really know if we’re a good fit is to get in touch, so let’s have a chat! One of our friendly experts will get straight back to you. You never know, this could be the beginning of a great partnership.


+ 27 (0) 10 591 2323

readying microsoft defender for your mimecast migration

How to start readying Microsoft Defender for your Mimecast migration

For many organisations, a Mimecast migration has become a no-brainer in terms of optimising email security and compliance. A unified Microsoft environment leveraging Defender for Office 365 (and the wider Microsoft Defender suite with endpoint protection, identity, and cloud apps), is simply too compelling an opportunity from a cost, functionality and security perspective. Once the decision to migrate from Mimecast to Microsoft has been made, it is then time to tackle the migration. Here are a few ways you can proactively prepare for the transition in order to achievea more secure, compliant, future-proof and innovation-ready environment.

Did you know? Research by Deloitte suggests that 91% of all cyberattacks begin with a phishing email. No wonder email security is top of the priority list for IT Security Managers and CIOs!

Understand your current configuration

Chances are, you’ve invested a significant amount of time over the years tweaking your Mimecast deployment to achieve the right balance of reliable mail delivery and appropriate security. Having a clear understanding of what this looks like in Mimecast will put you one step ahead when it’s time to start configuring Microsoft Defender to achieve the same – or ideally better – levels of protection.

While you’re analysing your Mimecast setup, it’s also a good idea to make a list of any challenges you’ve been experiencing, and any improvements/enhancements you hope to make by migrating to Microsoft Defender.

Pro tip: Microsoft Defender’s customisation/configuration capabilities are potent, but very different to those you may be used to in Mimecast. Familiarising yourself with Defender’s ins and outs – not to mention staying on top of all the new functionality releases – can be a daunting prospect. It helps to have an experienced Microsoft partner on board to ensure all your bases are adequately covered, and that you’re getting full value from your Microsoft Defender deployment.

Consider user experience

The level of control you place on email delivery and quarantine can directly affect your business user experience. Weave your security net too tight and your support desk will be inundated with user requests to release legitimate emails. Weave it too loose and you risk unacceptable levels of cyberattacks and spam slipping through. 

Finding the perfect balance isn’t easy, but it’s certainly easier when key business stakeholders are brought in on the decision-making. We strongly recommend getting that ball rolling as early as possible.

Review retention and deletion policies

Pre-migration is the ideal time to review your retention and deletion policies to ensure that your organisation is compliant with the latest rules and regulations. 

We’re not just talking minimum retention for regulatory compliance, either. Privacy laws take a firm stance on maximum retention periods, too. Giving in to the “keep everything, always, just in case” mindset can land a business in very hot water (and make your migration far bulkier and more expensive than it needs to be).

Struggling to stay on top of compliance? Ask us about our Compliance Accelerator Programme, designed to help you maintain momentum on your compliance maturity journey while keeping your objectives aligned with your business needs.

Remember the “big picture”

Email security decisions cannot be made in isolation. Every choice could impact – or be impacted by – wider programmes of work relating to data security. Truly robust protection can only be achieved through a carefully considered and coherent approach that includes input from stakeholders across the business.

The earlier you start these conversations, the easier it is to cover all the necessary bases and ensure your new email security setup slots seamlessly into your bigger security picture.

Get help!

Need help figuring out what you should be aiming for in terms of email security and compliance and translating that into real-world Microsoft Defender controls? We’ve got you covered.

As a recognised Microsoft Solutions Partner with decades of security and compliance expertise, we have what it takes to ensure your Mimecast to Microsoft migration taps into every possible security, functionality, and cost-saving benefit.

A three-sided Defender design challenge

One of the more interesting Mimecast migration readiness projects we’ve handled at Cloud Essentials involved paving the way for the consolidation of three regional Mimecast instances into a single Microsoft 365 environment.

Each region came with its own unique compliance controls and policies that needed to be replicated in Microsoft Content Preserve using Microsoft Defender. 

Getting this right involved:

  • An in-depth discovery process
  • A complex combination of policy conflict resolution, policy merging, and scoped policies
  • Creative problem solving to overcome security and content translation idiosyncrasies
  • Segregation of eDiscovery using Compliance Boundaries.

Despite the unusual multi-regional challenges, tight timelines and migration size (25,000 users/200Tb of data), our team managed to successfully replicate all existing policies in Office 365 and action a smooth cutover for new data, on deadline.

We have since moved on to phase two of this project: migrating the client’s Mimecast archives to their freshly primed Microsoft 365 environment. It’s full speed ahead on this Mimecast migration success story!