9 data security tips for cloud migration

01 intro

New security challenges

When migrating to a cloud-based environment, companies need to take a hard look at their needs and the security of their providers, as well as their own internal policies. Many companies don’t take time to consider the risks of simply sharing cloud space with other organizations, for example, or how to match cloud security policies to those of the data center.

For organizations considering cloud migration, Radware provides nine proactive steps that companies can take to ensure a smooth transition and get tighter cloud security.

02 toes

Dip your toe in the water

There’s bound to be a learning curve with cloud adoption, and it might not go smoothly. Take the adoption in steps, starting with apps and data that aren’t mission critical. That way, downtime during adoption doesn’t have a major impact on your business. Also, sensitive data, such as anything that generates revenue, should be loaded into the cloud only after you’ve evaluated the security and reliability of your cloud host.

03 umbrella

Get out your umbrella

You’ll likely have some data on the cloud and some on your own servers. Plan for a coordinated security policy that acts as an umbrella that covers both environments. Complicating it further, apps hosted across the cloud sometimes have their own security systems. In a confusing environment, IT teams often end up losing valuable time and raising the risk of error. Find an umbrella that can cover a number of different cloud-based apps and that also provides the same technology and policy management for apps in the data center.

04 balance

Strike a balance between privacy and security

A network or cloud provider under attack will continue to receive legitimate traffic. Parsing trusted sources from attack traffic, however, requires some decryption which exposes potentially confidential information. Look for tools, such as behavioral threat detection algorithms that partially decrypt the least amount of data necessary to sort good traffic from bad. Discuss with your cloud provider which security protocols it uses, and the degree to which it can ensure that sensitive information remains private.

05 aware

Be aware of what you have in the cloud

You either know your employees are using cloud-based apps without permission, or you should suspect they are. In their wake is a trail of vulnerabilities that can lead to data loss or exposure. Cloud-access security brokers hunt for and defend against the vulnerabilities in cloud-based applications.

06 neighboor

Consider your neighbor

Even if you’ve taken steps to beef up security, you cannot control what happens to your co-tenant in the cloud. Sharing space with a vulnerable organization could put you at risk. IT managers need a working knowledge of the architecture and security a cloud provider offers so that if hackers target your co-tenant, you won’t see outages, slowed apps, and the denial of users based on geography. Be ready to ask whether your provider can separate attack traffic from clean traffic in the wake of an attack on a neighbor in the cloud.

07 standards

Ensure the cloud complies with your internal standards

Security protocols established by your cloud host may conflict with or fall short of those for your internal network. When encrypted sessions are terminated in the cloud, that’s a sign your cloud provider doesn’t make the grade. Double check to ensure that your provider’s platform conforms to industry and internal compliance standards, and if not, be ready to upgrade and modify security settings.

08 detection

Treat attack detection like you would in-house

The biggest difference between monitoring for attacks at an internal data center and in the cloud is that some assets won’t be in your direct control. Detection protocols must sit in front of cloud-based assets just as you would in your data center. A rapid response gives you time to assess and evaluate the attack and decide which mitigation resources to throw at it.

09 excels
REUTERS/Shannon Stapleton

Know where your cloud vendor excels

Cloud vendors differentiate themselves on price, as well as on features like speed. Distinguish, for example, cloud providers that excel at app hosting from those that focus on security and take a hard look whether a vendor fits your needs.

10 segregate

Segregate security duties

Parsing a hosting service’s security capabilities is a technical job that requires balancing risks. Don’t let business units outside IT commandeer ownership of security policy. Security concerns might be secondary to time-to-market and cost reduction features when other units begin selecting cloud assets. Be confident that the IT department has the ability to assess security.

Copyright © 2016 IDG Communications, Inc.

Related Slideshows