Exchange Server migration is a complex process. It requires much preparation and planning. One of the main issues of concern during the transition is security. Administrators are well aware of how important it is to ensure confidential information safety at all times, so that there is no data loss or leaks. Microsoft provides its clients with native tools used for migrations, but administrators often choose third party products in order to have more freedom in managing migration process. It is good to know why such a choice is made.
Using third party tools
Many organizations decide to use third party tools to migrate from one on-premises Exchange Server to another and for a variety of reasons. Some people find native options to be difficult in use or lacking certain functionalities. Native migration scenarios require a lot of time-consuming configuration and need to be started manually. Lack of scheduling feature discourages administrators who value flexibility and who do not want to be present e.g. on weekends. Others do not want to make a double hop migration, which is the only native way to migrate from Exchange 2007 or Exchange 2010. And that is only the tip of the iceberg. Whatever the reason, professional help is needed often. Let us look at security issues encountered while using the third party tools.
Using third party tools unlocks options which are impossible otherwise – thanks to them, migration becomes easier, and does not require as much time spent on system configuration. Another thing is that native migration scenarios do not always support migration of public folders. What is more, some third party solutions enable migration without any service downtime, which is unavoidable in case of a native migration. Last but not least, some migration tools offer detailed reports. Thanks to them, finding out what is wrong is simple and enables admins to solve their problems the right away.
Secure Exchange migration requires deep understanding of what happens with the items while they are on the move.
One of the most popular third party solutions, designed to help with migration, bases on a cloud service. Exchange mailboxes, with all their elements, are moved into the cloud. From there, they travel to the target server. This migration method is advertised as easy and quick. It usually has no hardware or software requirements, as the whole process is done by a cloud service. Using such a service takes the burden off an administrator’s shoulders. But how does it look like in terms of security?
Data leaves your servers
The first problem is that mailboxes and their content leave your servers. You know the security measures you implement on your servers to secure confidential data. You know that information must be protected well, as it is any company’s wealth. Cloud based migration solutions may be fast and easy, but they add another security threat, as you cannot be sure of the protective measures implemented in this unnecessary additional step.
Cloud security risk
Speaking of the security of data in the cloud, there are quite a few different opinions on it. Despite the fact that cloud systems have matured over the years, some security risks still remain. The most important one of those risks is the fact that by using a service, you agree to cede governance over your files to another company. It is a question of trust, but as many people in IT claim the greatest danger is that of malicious insiders – here you face the risk of such insiders who are not even a part of your company.
Another thing – as you probably know, the data does not disappear when thrown into a rubbish bin in your computer, or even when deleted “permanently”. To completely delete a file, it needs to be overwritten or erased using a professional software. It might mean that your files still reside in the cloud, even after the migration has ended.
Even if the mailboxes and their elements are not stored in the cloud ‘per se’, they have to be cached in there during the migration process. Of course, we can trust cloud service providers when they promise to keep our data safe. However, in case of some confidential data, you would not want the slightest risk of even a partial leak.
Potential unlawful actions
Finally, there is an aspect of security entirely different from the ones above. When dealing with cloud computing, it is hard to determine where the data is, physically. There are certain regulations which forbid storing personal data i.e. outside of EU. You have to make sure that the cloud software is compliant with data protection directives.
Remember, ultimately you are responsible for your own data and its safety.
Alternative to cloud based service
Cloud solutions, despite being very popular and well-advertised, are not the only option. A good alternative to them is a third party software which is a self-service. Such a solution does not send mailboxes through the cloud. Every program of this type has a couple of clear advantages:
- It does not include any intermediary servers – data does not leave organizations and is handled only by your very company.
- There is no possibility of migration stopping due to a server unavailability.
- You do not have to give your or your users’ credentials to anyone, or enter them in any online forms.
Probably the best tool for secure on-premises Exchange migration is CodeTwo Exchange Migration. Apart from the features stated above, it also offers other security-oriented functionalities:
- All data is encrypted before hitting the Internet.
- Every item is copied and then moved, so in case of an error, nothing is lost, also there is no downtime for users.
- Detailed reports make it easy in case not all items get migrated. Because of that, not even a single item will be left behind.
Security of your data is the priority number one for us. However, CodeTwo Exchange Migration is not just about the security, it also has a lot features which make the migration process easy, seamless and automatic. To learn more about secure Exchange migration using CodeTwo software, visit this site.
CodeTwo sp. z o.o. sp. k. is a controller of your personal data.