Data security concerns have prompted many organizations that store customer personally identifiable information (PII) in the cloud to consider moving it back on premises.

That’s according to the 2019 Netwrix Cloud Data Security Report. The annual report is based on feedback from nearly 750 organizations that use private and public cloud services to store their data.

Some 46% of organizations are considering moving PII back on premises. Of the half that store customer data in the cloud, 39% had security incidents in the past year and more than half of those couldn’t diagnose the problem.

Ken Tripp, Netwrix‘s director of channel accounts, tells us small businesses extensively are using cloud storage and are leaders in implementing a cloud-first strategy.

Netwrix’s Ken Tripp

“To support SMBs that rely on the cloud, MSSPs should provide them with affordable packages for cloud security,” he said. “These packages should include, but are not limited to: data discovery and classification functionality, as the study’s results prove that knowing your data decreases security risks to it; auditing capabilities to understand what happens around sensitive content and detect issues at early stage; [and] data loss prevention (DLP) and cloud access security broker (CASB) solutions for stronger protection.”

Second, cybersecurity providers should offer their customers optional compliance services for the cloud, Tripp said. With today’s data privacy laws, there are many businesses that are new to compliance and the demand for affordable and reliable compliance services will grow, he said.

“Finally, MSSPs and other cybersecurity providers should consider offering cloud consulting,” he said. “The survey’s results demonstrate that a considerable number of organizations failed to reach their goals for the cloud migration, such as data security and cost reduction. It means that organizations need professional guidance before and after cloud migration to ensure that they don’t lose the focus on core goals.”

Other findings revealed by the report include:

“The finding that gave us an unpleasant surprise is that the ability of organizations to identify the actors responsible for incidents has diminished significantly — 36% of respondents were not able to determine who caused a security incident, as opposed to 6% in 2018,” Tripp said. “This is quite disturbing and demonstrates that organizations …

… do not have enough visibility into their IT infrastructure to conduct effective investigations. But more importantly, with such a fragmented knowledge of what is happening across their cloud storage, they have almost no chance to learn how to prevent similar incidents in the future and protect sensitive data.”

“Unclouding” wouldn’t be a mistake, but in most cases it’s a costly and time-consuming activity that will hardly resolve an organization’s problems, he said.

“Indeed, organizations that moved customer PII to the cloud to improve their security posture didn’t get the level of protection they expected,” Tripp said. “But here are a couple of questions I would like to ask organizations before they leave the cloud. Are you moving all of your customer data back? Who will have access to it? And is there any guarantee that your customer PII will be more secure on premises? De-clouding will be pointless if you lack knowledge about what data you have. Contrariwise, knowing where your data resides, which data you don’t need and which data requires (the) most protection will enable you to manage your data more efficiently and ensure its security in the cloud.”

“As regulatory concerns continue to increase toward some unpredictable future peak, cloud-using organizations must increasingly demonstrate that they are governing cloud use,” said Steve Dickson, Netwrix‘s CEO. “As a consequence of ceding some control, you should expect to perform more monitoring of cloud activity, to demonstrate that governance procedures are in place and are being followed.”