Cloud Security Concerns Cause Many to Consider ‘Unclouding’
… do not have enough visibility into their IT infrastructure to conduct effective investigations. But more importantly, with such a fragmented knowledge of what is happening across their cloud storage, they have almost no chance to learn how to prevent similar incidents in the future and protect sensitive data.”
“Unclouding” wouldn’t be a mistake, but in most cases it’s a costly and time-consuming activity that will hardly resolve an organization’s problems, he said.
“Indeed, organizations that moved customer PII to the cloud to improve their security posture didn’t get the level of protection they expected,” Tripp said. “But here are a couple of questions I would like to ask organizations before they leave the cloud. Are you moving all of your customer data back? Who will have access to it? And is there any guarantee that your customer PII will be more secure on premises? De-clouding will be pointless if you lack knowledge about what data you have. Contrariwise, knowing where your data resides, which data you don’t need and which data requires (the) most protection will enable you to manage your data more efficiently and ensure its security in the cloud.”
“As regulatory concerns continue to increase toward some unpredictable future peak, cloud-using organizations must increasingly demonstrate that they are governing cloud use,” said Steve Dickson, Netwrix‘s CEO. “As a consequence of ceding some control, you should expect to perform more monitoring of cloud activity, to demonstrate that governance procedures are in place and are being followed.”