Cloud security is again a top concern for citizens and organizations alike. NSA’s PRISM program, and the fact that information residing in multiple cloud-based services have been allegedly analyzed by the NSA, raises many questions around cloud security not only for SaaS consumer portals (such as Facebook, Gmail and more), but also for Infrastructure as a Service (IaaS) cloud deployments such as Amazon Web Services. So far, it seems IaaS was not tapped as part of PRISM, but we are already hearing questions: how secure is the corporate information residing in Infrastructure as a Service, can the government lay its hands on that information without anyone knowing about it, and what can be done to keep control of our information in the cloud?