A common question about the cloud is whether it’s more secure than a data center. But that’s the wrong question to ask. Instead, customers and potential customers of public cloud services–whether infrastructure-as-a-service, platform-as-a-service, software-as-a-service, or some other as-a-service–need to ask whether a cloud provider’s controls are sufficient to limit the risk a customer is willing to take with its data.
Most cloud providers say, “Trust us, we’re secure.” But you shouldn’t take them at their word. A variety of options are available to assess a cloud provider’s controls: basic questionnaires, standardized reports, technical audits, vulnerability scans, and full-blown penetration attempts that put a provider’s security to the test.
You must assess the pros and cons of each approach and find the provider that takes the same (or better) care with your data as you would. It’s not easy, but it’s a lot better than cleaning up the mess left
We recommend you visit the following site for more complete information and related topics. Article source: http://www.informationweek.com/global-cio/security/dont-trust-cloud-security/240005687