It's not turd polishing, you get what you pay for.
If you want to host your own service in house that's fine. You buy the hardware and storage, software licenses, backup capacity, resilience, support, etc. If you add up what that costs to provide anywhere near the same level of availability then cloud starts to make sense.
Agreed there are potential security issues - nobody wants the NSA et al to be reading their data. There are ways to encrypt it in the cloud, but really, does anything you are storing need that level of security (you're not planning on blowing up a plane, are you?) And if you do need to maintain high security (FCA, DPA, etc), then you've probably already justified the cost of the hardware, storage, software licenses, backup capacity, resilience, support, etc.