How to start readying Microsoft Defender for your Mimecast migration
Understand your current configuration
Chances are, you’ve invested a significant amount of time over the years tweaking your Mimecast deployment to achieve the right balance of reliable mail delivery and appropriate security. Having a clear understanding of what this looks like in Mimecast will put you one step ahead when it’s time to start configuring Microsoft Defender to achieve the same – or ideally better – levels of protection.
While you’re analysing your Mimecast setup, it’s also a good idea to make a list of any challenges you’ve been experiencing, and any improvements/enhancements you hope to make by migrating to Microsoft Defender.
Pro tip: Microsoft Defender’s customisation/configuration capabilities are potent, but very different to those you may be used to in Mimecast. Familiarising yourself with Defender’s ins and outs – not to mention staying on top of all the new functionality releases – can be a daunting prospect. It helps to have an experienced Microsoft partner on board to ensure all your bases are adequately covered, and that you’re getting full value from your Microsoft Defender deployment.
Consider user experience
The level of control you place on email delivery and quarantine can directly affect your business user experience. Weave your security net too tight and your support desk will be inundated with user requests to release legitimate emails. Weave it too loose and you risk unacceptable levels of cyberattacks and spam slipping through.
Finding the perfect balance isn’t easy, but it’s certainly easier when key business stakeholders are brought in on the decision-making. We strongly recommend getting that ball rolling as early as possible.
Review retention and deletion policies
Pre-migration is the ideal time to review your retention and deletion policies to ensure that your organisation is compliant with the latest rules and regulations.
We’re not just talking minimum retention for regulatory compliance, either. Privacy laws take a firm stance on maximum retention periods, too. Giving in to the “keep everything, always, just in case” mindset can land a business in very hot water (and make your migration far bulkier and more expensive than it needs to be).
Remember the “big picture”
Email security decisions cannot be made in isolation. Every choice could impact – or be impacted by – wider programmes of work relating to data security. Truly robust protection can only be achieved through a carefully considered and coherent approach that includes input from stakeholders across the business.
The earlier you start these conversations, the easier it is to cover all the necessary bases and ensure your new email security setup slots seamlessly into your bigger security picture.
Need help figuring out what you should be aiming for in terms of email security and compliance and translating that into real-world Microsoft Defender controls? We’ve got you covered.
As a recognised Microsoft Solutions Partner with decades of security and compliance expertise, we have what it takes to ensure your Mimecast to Microsoft migration taps into every possible security, functionality, and cost-saving benefit.
Download our free
A three-sided Defender design challenge
One of the more interesting Mimecast migration readiness projects we’ve handled at Cloud Essentials involved paving the way for the consolidation of three regional Mimecast instances into a single Microsoft 365 environment.
Each region came with its own unique compliance controls and policies that needed to be replicated in Microsoft Content Preserve using Microsoft Defender.
Getting this right involved:
- An in-depth discovery process
- A complex combination of policy conflict resolution, policy merging, and scoped policies
- Creative problem solving to overcome security and content translation idiosyncrasies
- Segregation of eDiscovery using Compliance Boundaries.
Despite the unusual multi-regional challenges, tight timelines and migration size (25,000 users/200Tb of data), our team managed to successfully replicate all existing policies in Office 365 and action a smooth cutover for new data, on deadline.
We have since moved on to phase two of this project: migrating the client’s Mimecast archives to their freshly primed Microsoft 365 environment. It’s full speed ahead on this Mimecast migration success story!