The State of Maryland encompasses 25 independent agencies to serve over 6 million citizens who rely on the State to keep their sensitive data secure. Maryland used Virtru to add a crucial layer of data-centric security and access control to regulated private data as part of a broader project to migrate emails and files to the cloud.
We spoke with Ken Cheney, Acting Chief Information Officer at Maryland’s Department of Education, to understand the process and challenges of migrating to the cloud while maintaining CJIS compliance.
Why did you decide to start your secure cloud migration project?
We migrated our files to the cloud for two main reasons. The first was to consolidate our email servers. We have 25 different agencies throughout the state, and before the migration, each had their own email server that had to be managed separately – a severe burden for our small IT team. Security was the other primary reason. Given the sensitive nature of our data, we need the highest security standards, and the cloud is unrivalled in this area. Consolidating workloads into a single, managed platform running on hardened infrastructure was a no-brainer from a security and efficiency standpoint.
What were your organization’s biggest challenges throughout the migration?
Our biggest concern for the migration was ensuring user adoption after the process was completed. Training was essential to ensure engagement with the new system. Moving to the cloud also brought new concerns around compliance and privacy. Our departments handle private data that is subject to strict regulatory compliance requirements like Criminal Justice Information Services (CJIS), and there were concerns that we would lose direct control and oversight of that data when moving to the cloud. Virtru’s end-to-end email encryption and security expertise allowed us to achieve both efficiency and peace of mind by keeping control of our data.
What made you choose Virtru as your data protection partner for the migration?
Virtru was chosen over other competitors because of the added security levels it added to throughout the migration. With Virtru, the process was entirely compliant with CJIS security policies. Virtru has been a great partner for us over the years; whatever question we have, their team is always happy to go the extra mile for us!
What advice would you give to those thinking of migrating?
I recommend being extremely explicit about your requirements and intended benefits. We had an extremely clear brief to consolidate email servers and streamline processes while keeping our data encrypted, private, and compliant with CJIS. This made the project move smoothly and allowed Virtru’s data protection to fit right into the process. Also I suggest using in-house employees to train your team. Invest in making experts out of a select group of people in your organization and get them to share their knowledge. Not only do people respond better to training from peers and colleagues, but this way your trainers will have an intimate knowledge of the organisation which really helps when rolling out the new systems.
“We are very happy with our move to the cloud, and Virtru enabled us to make this transition securely and seamlessly. It’s much more efficient for our 44,000 users to use one email system, and we have saved a great deal of time and resources internally.”