Enterprises want their existing data center footprint to remain in normal operation during a live migration to the public cloud. And protecting data across every stage of workload migration has become a principal concern for operations.
Live VM migrations to the cloud are an essential part of running a more efficient data center and meeting complex compute, storage and application demands. But administrators face daunting cloud migration security challenges, especially considering the need to fulfill pre- and post-migration configuration requirements.
Ensure live migration integrity, safeguarding data
During live migrations, administrators strive to maintain a balance and minimize the burden on system and network resources, but VM snapshots and data replication can impact application performance. Moreover, the sheer size of certain VMs will involve the transfer of large amounts of redundant -- and often sensitive -- data across both secure and unsecured networks.
Migration via network opens the door to various types of attacks, so organizations need to stay up to date on the latest threats. For example, an attacker can take a rogue VM snapshot and boot up a VM in a different context than it was originally deployed. Then, a hacker could use stolen credentials to duplicate and pilfer the snapshot or install rootkits or other malware for continued access. Thrashing represents a persistent denial-of-service attack in which hackers force repeated migrations and disrupt data center processes by consuming system resources.
In addition, the smash-and-grab attack forces a source or destination VM image into a persistent bad state with the goal of disrupting operations or exfiltrating data. The good news is that operations can deploy effective responses in each of these cases to mitigate potential damage. There are four ways to protect your data:
- Image backups: Image backups offer the most basic response to cloud migration security threats and should be a part of every operations toolkit. It ensures the capture of all information, including registry keys, license keys, settings and application-specific data. Administrators can rely on image backups to ensure they always have a stable image for reference, in case a live migration fails or a disaster occurs.
- Customized scripts: Operations can customize the live migration process through the use of scripts. Administrators can ensure smooth migrations by customizing scripts and inserting recovery support at both the source and destination hosts. Scripts can also be used to adjust permissions or update runtime parameters.
- Erasing old VMs: A VM footprint left behind on the source server is another clear data threat. Based on that stored VM image, an organization can still be vulnerable to cyberattacks and exfiltration by malware. Operations can neutralize the threat and further extend protections by eliminating old VM images from a disk.
- Shielded VMs: Shielded VMs ensure the high availability and fault tolerance of regular VMs while providing a high degree of data security during live migrations. When IT teams combine firmware-based Unified Extensible Firmware Interface Secure Boot and a virtual Trusted Platform Module, a shielded VM can generate and store encryption keys and more effectively protect data through Secure Boot and Measured Boot. Working in tandem, Secure Boot ensures that a VM will run only authenticated software, while Measured Boot checks current VM configurations against previous baselines to ensure data integrity.
The role of cloud security tools
Organizations building modern hybrid environments can use live migrations to move to the cloud with greater ease and little disruption, but -- as we previously mentioned -- there is still a risk in moving data across secured and unsecured public networks. To counter this threat, admins can use tools that eliminate the possibility of a successful attack. These services also reduce threat uncertainty and administrative overhead.
For example, VMware vSphere vMotion is intuitive and easy to use, and it provides protection during live migrations through encrypted end-to-end security. The tool answers the growing demand for cloud migration safeguards that are both comprehensive and efficient. VMotion shares migration specifications between the source and destination ESXi hypervisors and encrypts all packets using a single encryption key. Once the packets are decrypted on the receiving side, the encryption key is safely discarded, which further eliminates any threats to data integrity.
Offering similar data protections, AWS Snowball is geared to large-scale data centers that must protect the transfer of terabytes of data to AWS-hosted environments. Constituted of a dozen hard drives in a single, briefcase-sized appliance, Snowball offers an embedded GUI that enables administrators to interface with the controller and set migration parameters.
Once connected to a local network, the software client initiates the first stage of the migration process with secret access keys. Snowball automatically encrypts and copies data to the appliance. After the transfer is complete and the appliance locked, an AWS courier transfers the device to the cloud provider. AWS performs a post-migration software erasure based on NIST guidelines to ensure data security.
Microsoft and Google offer similar physical devices to transfer data to their respective public clouds.