Considerations for a Secure Data Transfer of Large Data Sets

Published On January 27, 2018

As more companies are adopting digital transformation strategies, they are also migrating to new technologies. In addition, they are moving large amounts of data to the new platform – which creates challenges around time and effort.

Secure data transfer has become a reality for tape, thanks to encrypted data and chain-of-custody procedures. Unfortunately, in the new cloud frontier, the same may not always be said for the secure data transfer of large data sets to (or from) the cloud. How do you transfer large data from a cloud vendor back to your organization’s premises? Or transfer it between two separate cloud vendors?

Experienced cloud providers have physical devices, appliances and service options for some scenarios. But, why not ask a few questions to ensure secure data transfer?

Most organizations can’t use their own network to move a lot of data to the cloud. Data Center Knowledge published a Google chart demonstrating this issue. Need to transmit 100 TB over a 10-Gbps connection? Plan for 30 hours. Have only a 1-Gbps connection? Try 12 days!

Beyond the initial cloud ingest, other scenarios might require a physical data transfer of lots of data via some type of appliance. These situations could include switching cloud providers, decommissioning data centers and undertaking large data migration projects. Large-scale disaster recovery might be another reason. Following a widespread disaster, you might need to bypass network limitations for faster access to your hundreds of terabytes.

In order to ensure an easy, secure data transfer, you have to ask the right questions. Here are some things to think about asking your provider before handing over your large data sets.

What is required of me? Ideally, in any of these physical transfer scenarios, you don’t want to have to purchase the hardware device, write the associated code for it or micromanage the process of getting the data uploaded or migrated. This should be part of the service. But, it’s important to ask — so you know how much elbow grease may be required on your part.

What if I have to transfer to a different cloud provider? If you use a cloud provider or third-party service, ask whether the physical transfer will enable you to move your data out of one cloud and into another provider’s cloud. If so, what are the costs and security measures needed to secure (and securely delete) data, where needed?

How is the data secured? Ask how your data is secured while in transit, during ingest on either side and after the ingest is complete. What happens to the data on the device? How do you know if it’s been erased or cleared properly after the ingest process? What’s the ending point of the chain of custody for verification?

What chain-of-custody procedures do you follow? This involves documentation, auditing and ITIL best practices the provider may follow to track the assets and who accesses them. For organizations in regulated industries, ask how this process meets specific compliance or security requirements.

In this case, good data management means performing your own due diligence and asking the same of your provider. This will help ensure the data transfer process is smooth and secure.