Following on from our blog on Cloud Migration fears, we take a look at the Top 5 identified concerns, assess their validity and look at how they can be practically addressed.
Migrating to Public Cloud gives most organisations the chance to massively scale their security without breaking the bank – providers like Microsoft and Amazon are using the latest, biggest and best-patched Cloud security solutions available in the market today. For many Data Managers, that is not something that can be said with confidence within a traditional on-Premise environment. As Cloud is virtualised, it gives the advantage of seeing the entire network topology through a dashboard (“single pane of glass”) to give enhanced visibility and allow issues to be identified and addressed quickly.
While Cloud environments are far from immune to Data breaches, the flexibility and scalability of the Cloud allows more complex and bespoke measures to be added for sensitive and personal Data. One of the key considerations in a Cloud Migration project is building security in from the outset and making sure the migration is very carefully configured to prevent accidentally “exposed buckets” or similar. In essence, careful preparation of the migration project with security as DNA will massively reduce the security risk in moving your Data to the Cloud.
The fear of being tied in to a vendor with difficult options – if any – to sever the relationship cleanly and easily move your Data from their Cloud environment back to your own or a new CSP’s. This is a legitimate fear and one that you may need addressed by peremptory steps to ensure that the control of your Data is protected from the outset of the contract.
Encryption and “keystores” are a good way to avoid the hassle of lock-in. Essentially you can have the option to store your encrypted files on your own network, in another Cloud or share them with a third party such as a law firm or consultancy (KPMG, PWC etc.) to hold in trust. Major public Cloud providers give you options to manage your own encryption keys, ensuring none of their internal staff could access your Data – even if they tried.
Using multi-vendor Cloud options are also an option to mitigate the risk of vendor lock-in but will lack one clear overview panel and may be labour-intensive to manage. Opting for this solution will need to be carefully planned, managed and resourced.
Control of Your Data
Taking the responses to the fears around Security and Vendor Lock-in addressed above, there are clear measures that you can take to mitigate any risk associated with a perceived loss of control of your Data before you take a dedicated step down the Cloud Migration path.
Making your Data as portable as possible and avoiding (where possible) bespoke formatting will help a lot to ensuring that there are not any problematic elements in terms of moving Data when needed, in either direction. While selecting a Cloud partner, you should – as far as possible – make sure that they allow a conduit for you to extract Data easily and economically.
As Cloud matures, a sensible combination of the Cloud vendors’ transparency, proliferation of physical locations and your own due diligence when it comes to selecting a compliant partner will see the problem of Data residency somewhat addressed. Electing to go ahead with Cloud migration means that knowing where your Data will reside, scrutinising the details of any contract and careful selection of the partner themselves are all very important indeed.
Again, encryption is a key element to de-risking the Cloud Data residency issue. Ensuring that your Data is encrypted “at rest” before the migration begins, encrypted during transit and the encrypted (and optionally shredded) keystore is securely in your control dramatically cuts down on the risk of getting entangled in this obstacle.
Cloud spend fears can be addressed by looking at the TCO (total cost of ownership) of buying, maintaining and staffing the infrastructure on your own environment. Careful scrutiny when signing up to a Cloud Service Provider’s contract is key to taking the surprise out of the ongoing bills. Above all, the ability to manage and oversee the entire Cloud Data operation is of huge importance in managing the spend associated with your Cloud engagement.
Using a Cloud management platform, an integrated solution which allows management of public, private and hybrid cloud environments, will greatly enhance your Cloud spend control capabilities. Cloud Management Platforms feature self-service interfaces, provision system images and enable metering and billing as their core functionality, giving you the spend tracking oversight you need.
Your Cloud Migration Project
If you are planning or are stalled on a Cloud Data Migration project, contact us to discuss how SISCIN from Waterford Technologies takes the hassle completely out of the picture. Our Data Management experts will be delighted to talk you through just how simple it can be.