Data migrations: Potential security hole

While 95% of organisations move data at least once per year, 65% of those surveyed admitted that they were not confident sensitive data was protected during a migrationm, according to Varonis.

The research, conducted in August 2012 with C-Level IT executives, revealed that while migrations and consolidations affect virtually everyone, 96% of respondents reported concerns when performing data migrations, with many leaving their data overexposed and vulnerable.

Respondents listed the most challenging and time consuming aspects of performing data migrations as maintaining availability (68%), identifying and cleaning up old, unused or redundant objects (67%) and keeping data safe by ensuring correct access permissions (59%).

Despite these security concerns, a worrying 65% admitted that they were not very confident that sensitive data was only accessible to the right people during a migration. In fact, 79% admitted that they could not guarantee that their folders and SharePoint drives were safe from global access groups, with one third of these admitting that unprotected folders were rampant or unidentifiable. This is particularly worrying as nearly a third of migrations and consolidations are due to mergers and acquisitions, often leaving unprotected folders open to thousands more people after a migration.

David Gibson, VP of Strategy said: “The survey underscores that maintaining who has access to what is an ongoing problem for organisations. The scale of the problem that organizations face when moving terabytes of data may be surprising, as a typical terabyte contains about 50,000 folders, and of those folders about 5%, or 2500 folders, have unique permissions. An average access control list (ACLs) contains 3-5 security groups, and a typical group contains anywhere from 5-50 users, as well as other groups that contain even more users and groups. Let’s say each access control list represents 5 minutes of work to re-create—that’s over 200 hours of work per terabyte of data moved.”

With IDC estimating that 90% of the 1.8 zettabytes generated in 2011 is unstructured and predicting that over the next decade, the information managed by enterprise data centres will grow by a factor of 50, the scale of this problem is likely to explode even further – making manual management of permissions and migration virtually impossible.

When respondents were asked which features they would like in a technology to help automate migration activities, their responses aligned with their challenges and concerns. Most hoped for a solution that could provide easy selection criteria for choosing what data to be moved, automate incremental copies (allowing users to use source data during the migration), and automate permissions optimisation.

More about

Don't miss