Netwrix report: Nearly half of organizations storing PII in the cloud want it back on-premises

Security is near the top of almost every company’s agenda. So much so, that 46 percent of organizations that store customer personally identifiable information (PII) in the cloud are considering moving back to on-premises due to security concerns, according to this year’s Netwrix report on cloud data security.

“The report revealed that organizations are misled by the idea that moving customer data back on-premises will ensure data security,” said Steve Dickson, CEO of Netwrix, a vendor of information security and governance software.

Although large cloud servers are frequently targeted for hacks due to the vast volumes of data they store, cloud service providers claim that their systems are more secure because they are able to spend more on the industry’s best security solutions.

The annual report is based on a survey of 749 organizations that use private and public cloud services to store their data.

Half of the respondents said they store PII of employees and customers in the cloud but only 26 percent are willing to store financial data there, with intellectual property at 16 percent.

Other key findings revealed that 75 percent of organizations who store PII in the cloud and don’t classify all data experienced a security incident and 33 percent of organizations that store all sensitive data in the cloud had security incidents in a year-long period.

Accidental error and malware attacks have had a 14 percent and 11 percent increase this year, respectively. External attacks were down 11 percent in the same time span. As for who is a security threat, 33 percent of respondents pointed the finger at business users while 16 percent think it was IT. 36 percent were unsure, way up from just 6 percent last year.

The respondents want to strengthen their cloud data security with encryption, but 55 percent are managing it with the same cloud security budget that they had last year.

“Organizations need to inventory their data to ensure they know where all the customer data resides, migrate it to a secure location, and implement an auditing solution to ensure only the right people have access to the right data,” Dickson said.

The full 2019 Netwrix Cloud Data Security report can be viewed here.