Don't bring your bad security habits to the cloud

Not enough enterprises are using their cloud migrations to finally bring their data security up to snuff

 Don't bring your bad security habits to the cloud
Credit: Flickr/J. Ott/Remixed

Data consolidation in public clouds is all the rage these days, for good reason. You typically have data scattered all over the place in your enterprise, and relocating to the cloud means you can finally get what data experts like to call a "single source of truth."

Even better, big data technology is native to most public clouds, including Amazon Web Services, Google, and Microsoft. Thus, you can not only centralize on a public cloud platform, but do big data management as well.

However, I often find that data security has been an afterthought in cloud migrations. Although enterprises may have encrypted some data, especially where the law requires encryption, they don't encrypt most of their data. Moreover, even if the data is encrypted at rest (when it’s in a virtual storage system), it's usually not the case in flight (when the data is moving from place to place). 

Another issue involves the granularity of the data security -- the ability to turn off objects, rows, attributes, fields, or however your data is stored logically to meet the exact security needs of an application. Typically, access is an all-or-nothing proposition, so you get situations such as the shipping clerks having access to the HR data, if they know what they are doing.

You should consider security as a systemic concept in the public cloud, no matter what its structure or state. Keep in mind that there is no one-size-fits-all security approach. The amount of encryption, use of identities, access logic, and hacker defenses needs to match the requirements of and risks around the data.

This is not a cloud-specific issue, but a migration to the cloud is your chance to up your data security. If you don't improve your data security when you move to the cloud, when will you actually do it?