Arraya Insights | November 22, 2021
The workplace must be prepared for change. Whether companies seek to develop outside of their traditional core or adopt new workflows to remain competitive, change is a necessary process.
For many companies, one of the biggest changes they will face is a merger, acquisition, or divestiture. Within these scenarios, a Microsoft 365 tenant-to-tenant migration can be a large undertaking. This involves transferring ownership of the data within an existing 365 tenant to another tenant.
When preparing for a tenant-to-tenant migration, there are three elements to consider:
- Data: What kind of licensing does the existing tenant have in comparison to the new tenant? What types of workloads are they using? Are any app issues anticipated? Is there sufficient space or room in the targeted tenant?
- Devices: How many devices are involved? Is this number declining or increasing with the migration? Are these Azure Active Directory (AD) joined, or hybrid-Azure AD joined? What will be done with the devices? Are we unjoining them from the existing domain and re-joining them to the new domain?
- Security: Are we going from a low security tenant to a high security tenant? Or the opposite? Are there differences in multi-factor authentication, mailbox auditing, or login auditing?
When developing your migration plan, these are all important questions to consider and be prepared to answer before beginning the migration.
Types of Migrations:
Your migration journey will depend on what type of migration you’ll be conducting. These fall into three categories, depending on the business scenario, including:
- Tenant-to-tenant migration without rebranding: This involves a business unit and brand identity that have been sold together. The identities will migrate to a target tenant and will keep the existing domain as part of the migration.
A single-event migration is recommended for migrations smaller than 15,000 users or 7 TB of site content.
- Tenant-to-tenant migration with rebranding: This involves a business unit that has been sold and will be adopted by the target company’s branding. The identities will migrate to a new target tenant and will change the brand identity as part of the migration.
Either a single-event migration or a phased migration is recommended. A phased migration offers lower risk but a longer timeline.
- Cloud tenant move: This involves users being split across two tenants. The identities remain in the source tenant, but all users in the affected domain and all workloads are moved to a new cloud tenant.
A tenant move or split is recommended. This is similar to a single-event migration but does not include migrating accounts to a new on-premises AS DS forest. This approach is not intended for long-term coexistence.
While the specifics of your individual migration will vary depending on the type of migration you require, you can expect your migration to include the following stages:
- Prior: Send communication to each user and put mailboxes and content into read-only mode
- During: Stop reverse forwarding mail to allow new email to be delivered to the target tenant, enable target accounts (if required), and complete the final data migration
- Post: Users recreate their mobile profiles and client software is reconfigured (Outlook, OneDrive Sync Client, and Microsoft 365 apps activation)
Three Tips to Ensure a Successful Migration
There are several challenges that both the divesting company and the targeted company may face. It’s important to have a clear plan for the end state for both companies.
Here are our top three tips that we offer to customers who are preparing to complete a tenant-to-tenant migration:
- Understand your own security posture prior to the migration
Your existing tenant should be as organized and tidy as possible, including security. If you’re compromised in any way prior to beginning the migration, there are going to be significant issues. You should be clear on your current security status to ensure the migration process is secure and have a plan in place for security within the new tenant.
2. Enable multi-factor authentication for all users
While multifactor authentication was once an extra precaution, it’s now a baseline security necessity. All users should be enrolled in and actively using MFA. This simple security practice is one of the most effective measures to prevent unauthorized access.
3. Set up analytics within your new tenant
This proactive step can help your business make smarter security decisions moving forward. Through analytics, you can monitor who is logging in and from where. Regular mailbox audits can reveal potentially dangerous mailbox forwarding that you may not have know about and more. Further, you can reduce any unnecessary mailboxes to keep your tenant streamlined and organized moving forward.
Next Steps: Prepare for Your Successful Tenant-to-Tenant Migration
To learn more, check out our recent Expert Q&A video, Microsoft 365 Tenant-to-Tenant Migrations.
Chuck Kiessling, Arraya’s Senior Director, Presales Solutions, and Tony Shaw, Arraya’s Senior Solutions Engineer, discuss design considerations, the hurdles many clients face, and general best practices for migrating an existing M365 tenant to a new tenant.
Whether you’re ready to get started with a tenant-to-tenant migration or you’d like to learn more, contact an Arraya expert today.
Visit https://www.arrayasolutions.com/contact-us/ to connect with our team now.
Follow us to stay up to date on our industry insights and unique IT learning opportunities.