People are hoarders by nature. Year after year, we accumulate new things – some that we need, and some that we will never touch again after one use. This stockpile adds up, and when it comes time to move, you have no idea what you have packed away behind closed doors.
The same notion rings true for the data collected at your company, except you must consider privacy and safety concerns as you pack. While the movement toward the cloud provides an opportunity to eliminate the expense of on-premises server maintenance, assessing your information prior to migration is essential to ensure that you are adhering to compliance regulations, retaining and classifying information, and enforcing the specific policies of your organization.
Migrating content to the cloud is more complicated than just packing up data and shipping it off to a new location. The amount of data you have stored can be nearly impossible to understand at a glance. Therefore, the focus of the migration must center on the security of your information to promote future organization and prevent data from falling into the wrong hands.
Understand your data
When you begin a migration project, you are preparing to move people – not just data – to a new system. You must consider employee behaviors to better understand, classify, and govern data before you make the transition. Data can become a liability, and it is vital to understand the behaviors of your employees:
- People hoard information: Employees retain information because it is easier to keep everything rather than decide what actually can or cannot be eliminated.
- People are generally bad at classification without the right tools: Employees may not have any way to indicate the currency of a document, which leads to poor search results – especially when a new member is added to a team and is unfamiliar with organizational processes and policies. This can lead to mistakes, confusion, and delays.
- People are negligent with access controls: According to the “2015 Cost of Data Breach Study” conducted by the Ponemon Institute, negligent insiders are one of the primary causes of data breaches. In fact, 25 percent of organizations surveyed said negligence was the root cause of the data breaches.
Even though you are aware of the large amount of unknown content on your system, you may be considering starting the migration process without discovering what you have. While you have the option to simply push content from one system to another, doing so can lead to increased expenses and legal considerations. According to the “2015 Cost of Data Breach Study”, the average cost of a data breach can reach a staggering $3.79 million. Additionally, organizations storing classified content must consider the legal ramifications of cloud storage as opposed to on-premises.
You need a way to analyze the content to help alleviate the risks. Classification of the information serves to do just that.
There are numerous ways to classify information, including assessing the contents of a document, determining the security level of its location, or figuring out which department authored the information. When you are beginning the classification process, consider these strategies:
- Classify content: Keep the analysis simple and utilize only one search field each for sensitivity, relevance to the business, and deciding retention. Wherever possible, make this decision for your users to simplify the process.
- Classify automatically: Using automated systems for tagging files and similar processes can reduce the possibility of human error and avoid unnecessary fines.
- Classify context based on purpose: Each service request type can have instances created to target divisions of an organization. Creating divisions based on specific departments gives each team access to and control over their information.
- Classify owners for accountability: If employees are held responsible for their data, data managers can get involved in the content management process and maintain relevant records and information.
Once you understand and classify all of your information, the transition to the actual migration phase can begin.
Plan migration strategies
We have seen that complications are possible throughout the migration process. To have the most successful transition possible, there are some things to consider:
- Enable retention before migration: By archiving sites and content, you can report on files to pinpoint usage, reduce costs, and ensure that unneeded content is deleted before migration.
- Use people tags to establish ownership: Get users engaged in the migration to ensure that all existing or new content has an owner.
- Use tags to drive governance policies: Using site tags to set global policies for sharing and external users to ensure future compliance.
- Use content tags to drive governance policies: Increasing the visibility of items during the migration, using tags as filters for routing content, and correcting errors in share requests will support the growth of governance policies.
Companies must understand that data is people-centric, and the needs of end users and IT alike must be considered before, during, and after a migration. Since most users will not discover and classify sensitive data themselves without the proper tools and guidance, employing an automated system can alleviate privacy, security, and productivity concerns. In many cases, people have likely left behind a mess of permissions and versions throughout the old system, and you will need to automate governance policies in order to have a seamless migration.
It is natural to keep stockpiles hidden behind closed doors. All of the things we accumulate are constantly adding up and can easily overwhelm us when it’s time to move. When it comes to the data collected at your company, knowing how to sift through and move items effectively can protect and secure your content. Investing in an automated program that enforces compliance standards while governing employees and information allows you to optimize your environment so you can make a smooth, secure transition to the cloud.