You've decided to use a cloud provider. That way all your data will be available to you no matter where you log in from and the cloud provider will take care of everything for you. Or will they?

It is important to consider security of the different offerings as you evaluate your options. Many organizations have gotten burned by assuming the cloud provider was offering more security features then they were. If you are hosting a product in the cloud, it is vital to ensure the security model used. Many cloud providers offer a shared model- meaning both you and the cloud provider have security responsibilities. For example, if your organization does not update your virtual machines you may end up with vulnerabilities that could potentially be exploited. Your cloud provider might or might not be providing security monitoring services. Many times the provider offers these services, but for an additional cost.

Think about what data you are putting in the cloud. Is it something that if compromised would damage your business? Could it put you out of business if something happened? If your putting high risk data in the cloud you need to make sure it is appropriately protected. How is authentication handled? Does the service offer multi factor authentication? Is the data encrypted before you put in the cloud? What level of encryption is used? These are just a few of the things you need to consider, before you take the leap and outsource your IT infrastructure.