How can you migrate Office message encrypted emails from one Exchange Online tenant to another Exchange Online tenant

Question

Hi :-)

I have a case with a customer in a merger acquisition where the migrated company received mails that was encrypted with office message encryption in their former Exchange Online Tenant. After the use of a third party tool for the migration these received emails can no longer be opened.

Info: I searched and read articles stating that the only mails sent internally within the company with Office Message Encryption can be removed and not from another organization.

The old Exchange Online Tenant still exist with the original emails

• Is it possible somehow to migrated these messages where the encryption is removed?
• Would they have to go back to the recipient and tell them to resend the email to them to be able to read them again?

Kind Regards

Hans

Answer 1

As the encryption keys are stored in the original tenant, there are generally few approaches:

• migrate the original domain(s) and ensure all users keep any proxyaddresses associated with protected files
• the migration tool can decrypt and move the items (optionally re-encrypt them after migration with a suitable label from the target tenant),
• export the key (TPD), then reimport it in the protection solution for the target tenant (either AIP or AD RMS).

Details are here: https://techcommunity.microsoft.com/t5/security-compliance-and-identity/mergers-and-spinoffs/ba-p/910455