What can IT teams do to keep data safe in the cloud?

Staffers constantly manipulate data which puts data at risk, so IT needs an environment that makes this practice harmless
By: | February 27, 2020
Damian Doyle will discuss database migration to the cloud and desktop virtualization best practices during his UB Tech 2020 session on how to implement an effective university cloud strategy.(gettyimages.com: metamorworks)
Damian Doyle is assistant vice president of enterprise infrastructure solutions in the Division of Information Technology at the University of Maryland, Baltimore County. He is a UB Tech® 2020 featured speaker.

Damian Doyle is assistant vice president of enterprise infrastructure solutions in the Division of Information Technology at the University of Maryland, Baltimore County. He is a UB Tech® 2020 featured speaker.

The main challenge of database migration to the cloud and desktop virtualization isn’t the actual implementation. Damian Doyle realized this when moving the University of Maryland, Baltimore County’s data warehouse and business analytics systems to Amazon Web Services and virtual desktops. As he says, this type of transition “isn’t new and has existed for a number of years.” The real difficulties lie in communicating this change to university staff members and ensuring his developers can work in the most effective environment possible.

Doyle, associate vice president of Infrastructure Solutions at UMBC, will outline a university cloud strategy, discuss the potential security issues that led his institution to go into the cloud, and share the benefits that came as a result during his UB Tech® presentation on designing protected, yet easily accessible environments. Visit ubtechconference.com for more on the event, to be held June 15-17 in Las Vegas.

What are some common security challenges associated with using data warehouses and business intelligence systems?

To be effective tools, data warehouses and intelligence systems need to store a lot of your data. This makes them a greater target for hackers. Additionally, there are usually numerous groups that interact with these warehouses and systems. At UMBC, ours were connected to 40 different data sources that pulled data from student housing, event management, student information and financial systems, among others. This made them a more attractive target.


Related: How to secure data institutionwide

Related: Considering AVaaS? 7 things you need to know


What normal staff practices concerning data pose as potential security risks?

One example is when staffers download reports or run analyses on a piece of data to see class enrollments or how students are transitioning between majors. Another is the transfer of devices. In IT, everybody can tell stories about a device that was passed from person to person, such as a new hire receiving a previous employee’s machine. That recently hired staffer will see the previous employee’s data and not know if it’s important, so they think, “I better copy it over just in case.”

The more you pull out data to manipulate it, the harder it becomes to keep track of where your university data lives. That is a major concern from a security standpoint. There need to be certain barriers in place to prevent this or you have to be diligent in making sure you have removed that data when you’re done.

What are some university cloud strategy actions that higher ed leaders should take?

At UMBC, we are pursuing cloud-based desktop virtualization that, when completed, will have all data living in the same environment. The data won’t migrate even when staff members manipulate the data. More importantly, this environment gives our developers the ability to work with our data effectively and provides UMBC with complete control so we can immediately push out and enforce software updates. Migrating to these virtual desktops was the second of a two-part phase that involved moving our data warehouse and analytics systems from our existing hardware to Amazon Web Services, which lives in the cloud.

What are the steps involved in database migration to the cloud?

The actual implementation of going into the cloud isn’t new. The harder piece is creating an environment that works for your developers and your university staff. IT often faces the problem of providing a great tech solution that nobody likes. IT therefore needs to communicate the process and the thinking behind it. For example, let staffers know that this new system won’t hinder their job and will put the university at less of a risk. Also, communicate that this new method will alleviate some of the pressure put on them. For example, staffers who manipulate data won’t have some ownership if their data is compromised under this new system. Lastly, make sure faculty and staff are involved in the process so you are meeting their needs the whole way through. This is the first step of getting that buy-in and having that partnership go forward.


Interested in technology? Keep up with the UB Tech® conference.