With the Azure Information Protection (AIP) classic client sunset announcement in March last year, we made it clear that migrating to unified labeling is crucial to continue classifying sensitive information, along with increasing the coherence and effectiveness of label and protection management in Microsoft’s ecosystem.
This blog post should serve as additional guidance for those that need to migrate their labels and policies from the Azure Information Protection portal to Microsoft 365 compliance center as well as upgrade from the classic client to the unified labeling client or the native labeling experience.
In this blog post, you will learn the answers to the following questions:
Microsoft will not provide migration extensions and the Azure information protection classic client will stop functioning and will not be able to aquire policy from the Azure Portal on March 31st, 2022. Because of that, it is important for you to commit to the task and set firm timelines to finish migration before the end of this year.
Microsoft Information Protection (MIP) provides you with a unified set of capabilities for classification, labeling, and protection across all our services, including platforms such as web, iOS, Android, and Mac.
Unified labeling is the backbone that ties all these capabilities together under a single pane of glass through management in the Microsoft 365 compliance center. Migrating your labels and policies from the AIP portal is a necessary step for you to be able to continue using our information protection capabilities.
Government Community Cloud (GCC) customers, including GCC High, can find more information in our recent blog post.
Figure 1. Transition steps for migration to unified labeling
Activating unified labeling and copying your policies to the Compliance center are semi-automatic actions that can be done with a click of a button, but before that, you should make sure you have everything ready.
One of the first things you need to consider is whether you will upgrade your AIP classic client to a unified labeling client or move directly to using native labeling capabilities.
The following decision tree should help you in choosing the right path.
Figure 2. Guidance for labeling client selection
If you are not sure which client you are using right now and if you are still using the old experience, see How can I determine if my tenant is on the unified labeling platform?
The resulting impact on end-users is a slightly changed appearance of the Office ribbon bar button.
Figure 3. User experience comparison
Migrating your labels to the Microsoft 365 compliance center is a straightforward task. For a description of how this can be done, see Migrating labels to the unified labeling platform.
For the migration of policies, you can start from scratch in the Microsoft 365 compliance center or use a Copy policies feature (preview). Be aware that some settings are not migrated automatically, for details see Configuring advanced labeling settings and Label settings that are not supported in the Microsoft 365 compliance center.
If you would like to preview the admin experience before activating unified labeling, see one of our previous blog posts.
Figure 4. Service architecture after activating unified labeling
If you choose to use the built-in labeling support, you do not have to install anything, but you will need to have at least Office version 1910. Some specific features require even newer versions - for detailed requirements including other platforms such as web, iOS, Android, and Mac, see Support for sensitivity label capabilities in apps.
For the installation of a unified labeling client, you can either run an executable (.exe) or deploy Windows Installer (.msi) version of the client. Both support silent installs through central deployment mechanisms and will perform an in-place upgrade from the classic client. If you need additional information, you can visit the detailed admin guide describing the installation process and requirements in detail.
To download the latest version of Azure Information Protection unified labeling client, visit https://aka.ms/aipclient.
There are some specific exceptions such as scanner functionality and Azure Information Protection analytics, which remain active in the Azure portal. Regardless, we encourage customers to use unified audit logs and activity explorer in the Microsoft 365 compliance center for a complete view of all the analytics data.
Once you have migrated your labels and policies to the Microsoft 365 compliance center and updated all your classic clients to the unified labeling client (or transitioned directly to the built-in experience), you have successfully finished the migration process. Congratulations!
We have compiled all relevant resources for you in the following list:
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.