How to Reduce Risk When Migrating Data to the Cloud

June 22, 2021 | By IANS Faculty

Reducing risk when moving data to the cloud requires focus on three main areas (storage, databases and applications), as well as planning, processes and toolsets. This piece explains the main steps to take when migrating data to the cloud and offers tips for ensuring the process is secure and efficient.

Types of Data Migration

When planning and executing a migration of data to the cloud, organizations must consider everything from data integrity, business impact, cost and user experience/impact to potential downtime, data assessment and data quality. However, three common types of data migrations should take precedence:

  • Storage migration: Storage migrations focus on moving data from one storage device to a new or different device – on-premises or in the cloud. On the surface, these are the most straightforward types of data migrations, but that doesn’t mean you can just copy and paste a 5T byte folder to a new drive. You must plan and execute the migration to ensure success. Keep in mind when migrating sensitive and critical data, it’s especially important to understand what data is moving where, and who can (or should) have access to it. For end-user specific data stores, migrating storage can have potential impacts on day-to-day work activity, too, so planning ahead is important.
  • Database migration: Database migrations are required when you need to upgrade the database engine or move the database installation or the database files to a new device. There are more steps to a database migration than a storage migration, and you need to plan a database outage to perform the migration. Organizations should:
    • Back up the databases.
    • Detach the databases from the engine.
    • Migrate the files and/or update the database engine.
    • Restore the files to the new database from the new location.
  • Application migration: Application migrations usually require some combination of the two options above. Applications can have databases, and they can have installation folders and data folders that need to be migrated. Application migrations may require additional steps per the application vendor.

How to Plan a Data Migration

Migrating sensitive and critical data can be a delicate task. It’s important to make sure your cloud data migration is planned carefully. Organizations should:

  • Create and follow a cloud data migration plan: Determine what data needs to be moved, how data should be moved, where it’s going and who should access it. Set up a data migration plan that outlines each step, considering who will be affected, what the downtime will be, potential technical or compatibility issues, how to maintain data integrity and how to protect that data during the migration.
  • Fully understand the data you’re migrating: Take a good look at what you are migrating. Is it regulated data that requires security controls and specific access management? What data should go where? Who should be able to access what? Ensure that end-user data stores (for example, file shares and personal drive technology like Google Drive, Microsoft OneDrive, etc.) have the appropriate access controls and auditing needed to ensure protection of personal data.
  • Extract, transform and de-duplicate data before moving: Consider performing a full data cleanup before migration. Once the data is migrated, it’s probably going to be in that state until the next migration. Make sure you’re migrating the right data, while preserving data integrity.
  • Implement data migration policies: Establish policies to make sure data is going to the right place and ensure it’s protected once migrated. You can automate these policies to make the destination data even more secure than the source – and even set up rules to re-permission the data during the migration.
  • Test and validate migrated data: Make sure everything’s where it should be, create an automatic retention policy, clean up stale data and double-check permissions. Back up your old system, so you’ll be able to find any missing files offline, if necessary.
  • Audit and document the entire process: This helps with audit and compliance initiatives.

 

RELATED CONTENT:  Cloud Security Best Practices

 

Considerations for Migrating Data to the Cloud

When migrating data to the cloud, it’s also important to consider:

  • Connectivity: Migrations rely on multiple data centers as well as the traditional IT environment, but the data centers and the traditional infrastructure are not connected to one another. Using a secure IPsec tunnel between the border gateways to interconnect all the environments together and form a larger infrastructure network solves this problem. It allows access to the back-end local services and applications running in local environments – without exposing them to the outside world.
  • Cloud-native tools: Some cloud environments also have tools and services available that can greatly simplify secure migration of storage from on-premises environments. Amazon’s AWS Storage Gateway is an example of a platform that can facilitate file backups, tape backups and more.
  • Filtering rules: These should be applied to the border gateways to allow access to certain resources, while preventing access to resources that contain sensitive information.
  • Backup service: This is one of the most important services to use in a secure migration of data to the cloud. It allows for agents to be installed on the systems that need to be backed up all over your infrastructure, regardless of where the server is located. Then a single server within a traditional IT network can be authorized to perform backups of the other remote systems, which can be done securely and regularly without exposing anything to the external internet.

Although reasonable efforts will be made to ensure the completeness and accuracy of the information contained in our blog posts, no liability can be accepted by IANS or our Faculty members for the results of any actions taken by individuals or firms in connection with such information, opinions, or advice.


Find additional resources from our security practitioners.


Learn how IANS can help you and your security team.