In InformationWeek’s recent cloud security report, 52% of IT decision-makers whose company uses cloud services agree that their data is more secure on premises; only 19% disagree with that sentiment. And 55% of respondents prefer to keep sensitive data on prem, with only 16% disagreeing. Perhaps this concern is driven by the nearly universal belief (90% agree or strongly agree; only 1% disagree to any degree) that hackers will focus their efforts on cloud services this year. Indeed, we’re already seeing new cloud-based vulnerabilities in 2022, and last year revealed a burgeoning market in hacked cloud credentials.
I think the choice is clear – on premises may have specific issues (like upfront costs and AMC’s), but it is always desirable to hold to precious data. I can’t specifically mention “cloud vulnerabilities” and backed up data has usurious egress fees – therefore, one has to carefully weigh in associated costs. Besides, it requires careful optimisation. On premises offers a complete insight into security practices and a clear audit trail. The same could be said about the cloud, but the onus is on third party racks. How trustworthy are the cloud providers if their business lines cross with yours?