Because of its size and significance, the cloud-computing environment is often a target of malware, brute force, and other attacks. It is important to ask your service provider about access controls, practices to assess vulnerability, and patch management controls and configuration. This is to see whether they can sufficiently protect the system and personal information.
Sharing important data with a cloud computing service provider involves the transfer of a significant amount of organizational controls over data security to the service provider. It is therefore important that the service provider understands the needs of the organization's privacy and security.
It is also important that the service provider is familiar with the rules on the security and privacy of data that are applied under its own jurisdiction.
The prime risk involved in business continuity is the loss of internet connectivity in the cloud-computing environment. It is important to ask service providers who are in charge of securing an internet connection. You need to have a back-up plan while the service is unavailable. If a vulnerability is identified, all access to the service provider must be terminated until the vulnerability is resolved.
Many organizations are not aware of where data is located and where is it being processed, which leads to difficult data management.