I’ve received a lot of questions lately about security in the Cloud and what CTOs should be considering when they are evaluating it. Here’s my advice, treat the Cloud like an extension of your corporate or production network, don’t treat it or hold it to a lower standard assuming that your cloud provider knows more than you.
If you have requirements that you can’t get in your Cloud solution make sure that not getting those requirements constitutes an acceptable risk or tradeoff. In evaluating a Cloud provider here are some critical questions to ask.