Protecting Data on the Road to a Successful Migration

Protecting Data on the Road to a Successful Migration

How do you conceptualize a complex migration? Perhaps you see a convoy of virtual semi-trucks loaded with data, traveling a fiber optic highway to their intended destination. They may converge with other semis coming from multiple other sources. Your job is to orchestrate this massive data delivery and make sure it all arrives on time without traffic snarls or delays.

This is precious cargo, and the journey won’t be a success if the convoy loses a load. That’s a very real concern, because bandits and hijackers lurk along the way. You need to have skillful drivers with good navigation skills, and you must also secure the load from whatever they may encounter on the way.

Whenever you’re planning a migration, you have to be confident that your data’s trip down the virtual migration highway will be safe and secure. MigrationWiz is not only your map of the fastest and most efficient route, you can also think of it as your highly trained, sharp-eyed security detail.

When you execute your migration, there won’t be any semi-trucks pulling up in front of your building. Of course not, because MigrationWiz is a fully SaaS solution. Another thing you may not see are the multiple layers of data protection we’ve built in. So buckle up – we’ve got a lot to share: Every MigrationWiz license includes enterprise-grade security that follows current best practices to protect information before, during, and after your migration.

App-based authentication

For SharePoint, Teams, and OneDrive migrations, MigrationWiz supports application-based permissions. This means you’re not using a Global Admin account to access resources on either the Source or Destination, and you can perform the migration using read-only application permissions at the Source.

Modern authentication

For migrations involving Office 365, MigrationWiz supports token-based modern authentication based on OAuth 2.0. You won’ be using basic authentication (usernames and passwords) at either the Source or Destination. Basic authentication is well-known to be vulnerable to multiple forms of attack including password-spraying, brute-force attack, and phishing. In fact, it’s currently being phased out on all workloads by Microsoft.

Least-privilege access

MigrationWiz can perform specific tasks using administrator accounts with the lowest level of user rights. Global administrator accounts do not have to be used unless absolutely necessary. You can use temporary administrative credentials and impersonation rights for email migrations and app-based authentication for document migrations.

Application, data, and network security

BitTitan adheres to all applicable security standards, practices, and controls, whether required or recommended. This includes encryption, data retention, and frequent penetration testing along with hardened and redundant data centers.

Zero deployment

BitTitan products operate outside of firewalls, connecting to messaging systems the same way any external user would. There’s never a need to install third-party software inside your firewall or network.

Mailbox data

Mailbox data (including subjects, bodies, attachments, etc.) are not stored on BitTitan servers. In some cases, the data may be cached temporarily in order to optimize network throughput, but it’s wiped immediately once a mailbox is migrated.

Mailbox credentials

Mailbox credentials are stored using military-grade AES encryption. Those credentials are immediately purged from the system once you delete the corresponding configuration to which it’s associated.

Auto-purge policy

BitTitan has implemented an automatic purge policy that will delete any configuration that’s not used. If a migration isn’t performed within 90 days (either of your last migration or creation of configuration, whichever is later), data is deleted from our servers. 90 days is the default setting, but MigrationWiz also allows you to configure this to be a longer or shorter period.

Data centers

BitTitan uses Azure data centers, which are compliant with ISO/IEC 27001/27002:2013, SOC 1 Type 2 and SOC 2 Type 2, PCI DSS Level 1, FISMA, HIPAA/HITECH, CJIS, CSA CCM, FERPA and others. When setting up your migration, you can select where you want your migration to be processed from these data center regions: Australia, Europe, North America, Japan, South America, and Southeast Asia.

You won’t need a truck driver’s license to manage a complex migration. All you have to do is pick up some MigrationWiz licenses and you’re ready to hit the (virtual) road – safely and securely.


Share this Post: