4 simple steps to consider when moving unstructured data to the cloud
Many companies are looking to modernise and migrate their on-premise data to the Cloud.
- Type: Insights
- Date: 14/10/2021
- Author: Kyle DuPont
- Tags: Cloud Migration, data discovery, Cybersecurity, Migration
Many companies are looking to modernise and migrate their on-premise data to the Cloud. Often it’s shifting legacy applications, looking to take advantage of new database types and cloud-based data platforms, bolstering cybersecurity, and driving analytics and insights.
With the average employee creating 1,000 files during their tenure at a company and little control over how that data is stored, unstructured data is hugely challenging to deal with during data migration projects to the Cloud.
In a company that has had, for instance, 10,000 employees over the past 5 years, they could be storing tens of millions of files. Reviewing this manually would take years, while the project timelines are often measured in months.
On top of this, data privacy and security regulations and policies are challenging companies with the technical considerations of how data gets transferred and consumed and what that data means throughout its lifecycle in the company.
In cloud migrations, often the risk is just transferred from the old to the new. But, it doesn’t have to be like this. A Cloud migration creates an opportunity for data protection and privacy modernisation.
4 simple steps to bring operational, security, and cost benefits to your cloud migration
Here are 4 simple steps to bring operational, security, and cost benefits whilst improving risk and governance.
Set policy and standards: a standard, common, understanding of how cloud migration should happen is vital. These documents and procedures will determine what data can be migrated to the cloud and build organisational trust. This can be developed by stakeholders from security, privacy, records and retention, etc. but then it is crucial to also get at least some amount of buy in from data owners/custodians. A large cloud migration project is the perfect opportunity to ensure that the organisation understands exactly what needs to be done with its data. Once in place, automated enforcement of company policies and standards can be automated to support ongoing operational support. It becomes your playbook.
Understand what data you have: Now that you have the policies and standards, a pre-migration scan of data to discover, classify and tag at scale is very helpful from a security standpoint and to provide a baseline. Should the information with personal data/PII/PHI be transferred to the cloud at all? Should it be archived for records and retention purposes? Should we just delete it outright? Or something else altogether? Discover and classify your data to make informed decisions and determine what should be migrated in the first place.
Clean up your data (data minimisation): Once you have identified files and documents with sensitive and personal data, there is an opportunity to analyse and review what data is redundant or should otherwise be removed. The result is reducing risk for your company, and potentially millions in storage and bandwidth egress cost savings from not migrating data that should otherwise be deleted.
Implement ongoing security and privacy controls: Post-migration, maintain your standards by creating a consistent way to classify, tag, and enforce policies on data based on sensitivity, location, who is accessing the data, and more. Maintaining the metadata associated with the relevant data and, perhaps more importantly, keeping that metadata up to date over time as it changes and ensuring access controls are measured and managed.
How can Ohalo help with cloud migrations?
Ohalo provides the Data X-Ray, which builds metadata out of your unstructured data at scale to understand where the risk lies. The Data X-Ray automatically performs a “Google” like crawl of your files, documents and data stores and pushes them through a configurable pipeline, automatically identifying PII, PHI, PCI and many other regulations as well as rules that are unique to your company.
It can do this at scale so that you manage, monitor and analyse the data that you are dealing with on-prem and can make informed and audited decisions about how data should be migrated and ensure company policies, standards and controls are in place once the data lands in the cloud.