The process of locking down your cloud ranges from the obvious, such as making sure that everything requires a password, to the subtle, such as encrypting data locally before transmitting to the cloud (even if your cloud service offers encrypted data storage). Users need to be educated about the importance of following the procedures put in place to keep data secure. Any device, be it a desktop computer or the CEO’s smartphone, needs to be secured so that casual actions can’t compromise data security.
Creating a secure cloud infrastructure requires a number of components all working in unison. This includes password protection of data and devices; encryption of data, either on the local network, in the cloud, or as data is moved; encrypted and secure links between local networks and the cloud; password protection on any device or application that can access the cloud; and a comprehensive education campaign for users.
Why you should do this is clear, but the how will be dependent on the services you choose, what you store in the cloud, and how your corporate culture handles maintaining a secure computing environment.