Easily migrate your Symantec DLP policies to Microsoft Purview Data Loss Prevention

Posted by

This post has been republished via RSS; it originally appeared at: New blog articles in Microsoft Community Hub.

With everyday work and collaboration becoming digital, organizations are looking to transition from traditional data loss prevention (DLP) solutions to cloud DLP solutions. Cloud DLP solutions not only help protect sensitive information in cloud services and applications, but also empower organizations to scale faster and keep up with the explosion of data and data types. Research shows that DLP professionals at organizations that predominately use cloud DLP solutions are twice as likely to say that cloud DLP solutions help both balance data protection and employee productivity, and are easier to scale[1].

 

Microsoft Purview Data Loss Prevention is a unified and cloud native DLP solution that helps customers effectively protect their sensitive data from exfiltration across applications, services, and devices. To quickly get started with Microsoft Purview DLP, today we are excited to announce the public preview of Microsoft Purview Data Loss Prevention migration assistant for Symantec.

 

The migration assistant is a Windows-based desktop application that helps migrate existing DLP policies from Symantec to Microsoft Purview DLP with minimal effort. The migration assistant supports policies for all workloads supported by Microsoft Purview DLP including Exchange Online, SharePoint Online, OneDrive for Business, Microsoft Teams, endpoint devices, and non-Microsoft applications.

 

Quickly get started: The following simple four-step migration process will allow you to automatically detect your existing policy configurations and quickly create equivalent policies in the Microsoft Purview DLP environment:

 

  1. Input: migration assistant ingests one or more Symantec DLP policy XML export files as input.
  2. Analyze: migration assistant interprets the XML files & identifies Symantec DLP policy constructs and maps the identified constructs to Microsoft’s DLP capabilities.
  3. Migrate: once the migration assistant has completed analyzing the existing policies, it executes PowerShell scripts for the DLP scenarios identified and supported by the Microsoft Purview DLP platform and creates equivalent policies in Microsoft Purview DLP.  
  4. Report: once migration has been completed, the tool provides a detailed migration report on policies that were migrated successfully, partially and/or not migrated. It also provides recommendations to improve migration fidelity.

Input: Download and install the application from GitHub. Once installed, you will be prompted to log in with your Microsoft Purview compliance portal’s Global administrator or Compliance administrator credentials. Upon successful login, you will be able import the existing DLP policies that you wish to migrate. Migration assistant supports migration of policies from Symantec DLP 15.0 and higher.

 

Figure 1: Importing Symantec DLP export XML files in migration assistantFigure 1: Importing Symantec DLP export XML files in migration assistant

Analyze: Once you have selected the files you want to migrate, migration assistant will process these files and automatically map the policy elements to Microsoft Purview DLP elements. To map the sensitive data types protected by your existing policies, the migration assistant will take the following approach:

  • The existing sensitive data types from the Symantec policies (known as data indicators) will be automatically mapped to an out-of-the-box sensitive information type (SIT), if available, in Microsoft Purview Information Protection.
  • For all sensitive data types for which there is no equivalent SIT available in Information Protection, the migration assistant will automatically create a new SIT. Similarly, any regular expressions or keywords defined directly in the existing DLP rules will be migrated over as a new custom SIT.

In this stage, you will be able to see a pre-migration report highlighting policies that will be completely or partially migrate and the ones that will not migrate. You will have the opportunity to edit the policies and can choose to run the migrated policies in test mode for further fine tuning without affect your data or users. All policies in Microsoft Purview DLP automatically log events in Unified Audit Log and do not need a separate action.


Figure 2: Editing policies in migration assistantFigure 2: Editing policies in migration assistant

Migrate: Once you have made any necessary edits to the policies, they get created in the Microsoft Purview DLP environment with the mode selected in the previous step. You can continue to fine tune the policies as needed through the Microsoft Purview DLP Policies page.


Figure 3: Policies being migrated to Microsoft Purview DLPFigure 3: Policies being migrated to Microsoft Purview DLP

Report: Once the policies are migrated, you can download the report to see a detailed report of the migration process, including migration summary, policy, and SIT details. The report includes details on how the sensitive data was mapped, workloads supported, reasons for why certain policies were partially or not migrated, actions that you can take to fix the issues, and more.

 

Figure 4: Reporting capabilities of the migration assistantFigure 4: Reporting capabilities of the migration assistant

Get started

You can get started today by downloading the migration assistant from GitHub. For the migration assistant to successfully create policies in Microsoft’s DLP environment you need an active subscription for Microsoft Purview DLP. To successfully migrate DLP policies for Exchange Online, SharePoint Online, and OneDrive for Business you need a Microsoft 365 E3 subscription and for policies for Microsoft Teams, endpoints, as well as non-Microsoft cloud apps, a Microsoft 365 E5 or E5 Compliance subscription is required. Learn more about Microsoft Purview DLP licensing here.

 

If you do not have an active Microsoft 365 E5 subscription you can start a free trial of Microsoft Purview. All you need is a Microsoft 365 E3 subscription!

 

Additional resources:

  • Read the documentation to learn more about the migration assistant
  • Download the migration assistant from GitHub
  • Read the documentation to learn more about Microsoft Purview DLP
  • Learn how to create and edit policies in Microsoft Purview DLP in this interactive guide  

We look forward to your feedback.

 

Thank you,

Microsoft Purview Data Loss Prevention team

 

 

[1] Survey of 297 DLP professionals at U.S. enterprise organizations, December 2022

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.