A theme that appears anytime the cloud is discussed in the context of IT is security. The general direction of this concern is the prevention of unauthorized access to cloud-hosted data and apps. If the topic is pursued, rather than just acknowledged as an issue, it generally forks into two main threads: preventing access by outside parties (hackers, crackers, protesters, and the like) and preventing access by inside parties, such as unauthorized employees.
Both issues are problems and in both cases the cloud platform vendors offer an assurance that is, at first blush, comforting. Namely, that providers deliver better security of the hosted data than most data centers can provide. The primary reason for this is that they have many full-time, dedicated resources watching security, monitoring threats, and enforcing access control. Moreover, the staff members know what to do in the event of a violation. It is true that this pool of expertise--especially at large cloud providers--is likely to significantly exceed the capabilities of most small-to-medium IT organizations and even some of the larger IT shops. And the few reports of any break-ins at cloud providers tend to support the view of good security.

The link for this article located at Information Week is no longer available.