Data Migration to the Cloud

– Patrick Kerpan, CEO, CohesiveFT, says:

When we first started using AWS public cloud and other virtualized environments in 2006, we weren’t sure what kind of data and workloads our enterprise customers would migrate to the cloud. Some early industry watchers predicted the entire IT operation would move in one leap, others thought only non-critical, internal operating systems would migrate.

We first thought that no Database would ever migrate to cloud. Yet, we realized there might be a difference in database versus Database. A Database, a stand-alone, massive collection of compute and storage, would not make sense to move first into cloud. But on the other hand, a database that only supports an application would actually make sense to be cloud-based.

So what is the difference between a Database and a database? Specific databases can scale up and down with their applications and are easier to manage via cloud. Early customers used web apps, capacity expansion, and failover with public cloud. These cloud use cases usually involved some databases just to function, but it was never a huge Database with critical customer information, accounting data, or production.

As more and more customers are using production systems in public, private and hybrid clouds we now see Databases. Things like big data, clusters of compute resource, and cloud-only businesses are creating the need for larger, more critical data in cloud.

The only caution: security. As more mission-critical systems and operations move, cloud users must be able to attest to their own security. Usually, providers offer firewalls, edge protection, isolation, and hypervisor rules. But, who really owns those security features? Cloud providers. Service providers often write in their SLAs that the ultimate responsibility for security lies with the cloud users.

How can cloud users guarantee their databases and Databases are secure in cloud environments?  Network security measures, including software defined networking (SDN) and overlay networks, can insulate databases or Databases from unwelcome eyes. SDN allows cloud users to separate security controls away from the hardware level.

The difference between traditional networking and SDN is control.  The software defines the network as a whole, not each device. The software definitions allow for external access to the innards of switches and routers that formerly were closed and proprietary. With SDN controls, database / Database owners can control their own network firewall, data encryption, and crypto keys. SDN adds layers of security in on top of cloud providers’ offerings, hence overlay networking.

Related Video