Dedicated to Providing Insight Into the Enablement of Cloud Hosting Environments.

Cloud Hosting Journal

Subscribe to Cloud Hosting Journal: eMailAlertsEmail Alerts newslettersWeekly Newsletters
Get Cloud Hosting Journal: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Data migrations have become a standard aspect of managing IT infrastructure. For organizations used to purchasing storage arrays, the process of moving data from one array to another is not unusual. Instead, it is a necessary part of the storage lifecycle that mandates replacing storage arrays every 3-5 years when they run out of capacity, come off lease, or reach the end of their expected life spans. But what happens if you decide to store your data in the cloud instead?

Migrate to Cloud

The good news is that once your data is on public cloud storage, the storage life cycle disappears. There is no need to worry about ever migrating data between storage arrays again. Although a huge leap forward, this does not signal the end for the need to ever migrate, as there are still instances where you may want to move data between cloud providers. The consolation is that these type of migrations are rare events - the potential "gotcha" is they still demand planning and a good understanding of security ramifications.

The vanishing cloud provider

The recent announcement that Nirvanix was closing its doors was an unexpected event for its cloud storage users. It forced users to schedule a migration event on very short order, with little lead time for planning. While initial concerns focused on the logistics of migrating large volumes of data to a new cloud provider before the impending shutdown, it turned out many users found sufficient "cloud to cloud" bandwidth to move their data to a new cloud provider.

Keeping in mind migrated data is copied to a new cloud rather than deleted from the old cloud, another set of concerns surfaced around the security and ownership of the data left behind. How can you be sure the equipment that housed your data in the cloud wouldn't wind up in a 3rd party's hands following a fire sale? Moreover, how can you be sure the data is properly disposed or destroyed to prevent a possible breach?

If your data was stored encrypted at-rest, it turns out you don't need to worry about the old data left behind, though there are a few caveats. One is using strong encryption like AES-256 that is effectively unbreakable and endorsed by the US government for top secret data. Another is making sure you are the only owner of the keys used to encrypt that data. By taking the appropriate precautions, once you delete the keys, the data becomes effectively inaccessible, meeting enterprise requirement for data disposal. There is no need for additional data deletion, scrubbing or physical destruction.

It's important to point out that permutations of this security strategy may not always be effective. For instance, you may want to think twice about storing your keys with the cloud provider or letting the provider handle the encryption for you. Although a trusted provider my seem like a safe bet, any and all scenarios of key or data access outside of your control represent a point of exposure.

The lesson here is it's always best to plan ahead, thinking about the logistics of a possible cloud migration scenario and the security implications.

The bottom line

Recent events have raised the importance of having a secure way of migrating data from cloud to cloud. A secure migration strategy has moved from a "nice to have" to a necessary requirement for organizations storing data in the cloud.

Nevertheless, the list of benefits of combining cloud storage with existing storage into a hybrid environment are extensive and can enable great efficiencies for businesses struggling with data storage or disaster recovery. Those who may not have time to plan for all the subtleties of scenarios such as cloud migrations may want to consider cloud-integrated storage solutions that have already done much of the heavy lifting ensuring cloud storage is as secure and impermeable as the tightest local solution.

Security concerns around migrating cloud data are real, but by taking the proper measures, businesses can enjoy all of the benefits of the cloud without compromise.

The post The Real Risks of Migrating Your Data in the Cloud appeared first on TwinStrata.

Read the original blog entry...

More Stories By Nicos Vekiarides

Nicos Vekiarides is the Chief Executive Officer & Co-Founder of TwinStrata. He has spent over 20 years in enterprise data storage, both as a business manager and as an entrepreneur and founder in startup companies.

Prior to TwinStrata, he served as VP of Product Strategy and Technology at Incipient, Inc., where he helped deliver the industry's first storage virtualization solution embedded in a switch. Prior to Incipient, he was General Manager of the storage virtualization business at Hewlett-Packard. Vekiarides came to HP with the acquisition of StorageApps where he was the founding VP of Engineering. At StorageApps, he built a team that brought to market the industry's first storage virtualization appliance. Prior to StorageApps, he spent a number of years in the data storage industry working at Sun Microsystems and Encore Computer. At Encore, he architected and delivered Encore Computer's SP data replication products that were a key factor in the acquisition of Encore's storage division by Sun Microsystems.