title: “[03] CISSP Cheatsheet - End-of-Life (EOL) Systems and Migration to CSPs” date: 2026-07-05 authors:
- Your Name
๐ Topic: End-of-Life (EOL) Systems and Migration to Cloud Service Providers (CSPs)
Domain: D7 โ Security Operations / D1 โ Security and Risk Management
Tags: #cissp #cloud #migration
๐งพ Definition
EOL to CSP covers planning and executing migration from end-of-life on-premises systems to cloud service providers, including data migration, decommissioning, and ensuring security and compliance in the cloud.
๐ Key Points
- Perform inventory and data classification to prioritize migration of EOL assets.
- Apply secure migration practices: data sanitization, encryption, validation, and testing.
- Review CSP shared responsibility models, SLAs, and compliance posture.
- Plan decommissioning, data sanitization (NIST SP 800-88), and contractual exit strategies.
โ ๏ธ CISSP Insight
- Migration is both a security and governance activity; failure to sanitize decommissioned assets or misconfigure cloud services can introduce new risks.
โ๏ธ Key Difference / Trap
- Cloud shared responsibility
- Understand what the provider secures vs what the customer must secure (data, identities, configurations).
- Trap: Assuming CSP handles all security; misconfigured cloud resources (e.g., public buckets) cause breaches.
๐๏ธ Example
An organization migrates an EOL database to a managed DB service with encryption at rest, customer-managed keys, network restrictions, and post-migration validation to ensure access controls remain correct.
๐ References
- NIST SP 800-88 Rev.1 โ Guidelines for Media Sanitization
- NIST Cloud Computing Security Reference and SP 800-144
- Vendor shared responsibility documentation (AWS, Azure, GCP)
๐ Quick Recall
- Inventory โ classify โ migrate securely โ sanitize EOL systems; verify CSP responsibilities