Tips for grappling with cloud compliance
Cloud computing remains a hot topic and the object of a lot of investment. As with many trendy technologies, the pace of adoption has run ahead of the pace of related compliance and security development. Now is a good time to ponder this issue, especially as the cloud discussion intensifies, which will happen sooner or later no matter where you work. CIO offers four essential tips for dealing with compliance concerns.
- Be aware of the added IT workload. You may face requirements about storing data on servers in specific countries. In addition, new burdens--such as multi-tenancy and de-provisioning--will crop up. Basically, every compliance process you undergo now will have to be thought through from a cloud perspective. You should not assume the in-house work will magically decline.
- Track the standards. One expert told the magazine: "Standards like ISO 27001 and SAS 70 are helpful but they're point-in-time. And they aren't very specific when it comes to data security, identity management, administrator controls, things like that." You will have to be creative in some cases about compensating controls. You should also pay attention to the Cloud Security Alliance, which is working on a GRC standards suite.
- Examine service level agreements. Don't settle for a garden-variety, one-size-fits-all contract. You owe it to your company to be specific.
- Make security a priority. Short of encrypting all information that your company moves to the cloud, there will always be security concerns. The cloud provider will generally not accept liability for breaches and leakages, which means you need to involve your security managers as you make key decisions.