Hi infosec professionals,
When it comes to the migration of petabytes of data (with video & audio files), the cloud service providers usually would recommend moving the data physically.
In such a case, how could a security breach be avoided? Any recommendations or best practices, please?
Thanks.
There are four major risks that need to be managed:
(1) data theft
(2) data integrity
(3) compliance
(4) project timeline.
For #1, most cloud providers support AES-256 encryption on the devices they ship (for example, Azure Data Box).
For #2, it is recommended that the migration team uses proven processes and technology to copy the data and avoid less mature tools. Robocopy is a proven one.
For #3, the cloud providers also shred the data after it is moved to the cloud as per NIST standards and issue a compliance letter.
For #4, an experienced project manager can anticipate and avoid delays.
Using a solution that leverages data encryption in-flight will protect your data.
Cirrus does block migration with data reduction and encryption. Media, as you describe, are typically files.