The issue of security inevitably crops up with any cloud migration. Even companies that don't deal with highly sensitive customer data or confidential security reports usually have something they would like to protect. Recent research has suggested that the cloud has become more technologically secure than in-house solutions. That issue may still be up for debate, but it shouldn't have a drastic impact on a company's data security stance. The reason? Technological threats aren't the only things businesses have to consider when implementing safeguards.

Some of these factors have strong implications for cloud deployments, according to Data Center Journal editor Jeff Clark. In some ways, cloud-stored data requires the same protection information stored in-house because the infrastructure running the cloud has the same hardware components. However, the nature of outsourcing presents other concerns.

"First, companies that rely on a cloud provider are necessarily involving another party in their affairs. Sensitive data, for example, would then be handled not just by the company, but also by its provider," Clark wrote. "This doesn’t necessarily mean that data is less secure, but it adds more opportunities for security breaches (say, by a rogue employee at the provider)."

As Clark's comments suggest, the cloud naturally creates more possible vulnerabilities, but the issue of cloud security extends beyond the risk of rogue or negligent employees. Most businesses don't rely on a single solution for protecting their assets because it is impossible to create a 100 percent secure system. For that reason, all sensitive information should be protected using data encryption software.

Mobile and the cloud
It's no secret that mobility trends like bring-your-own-device have brought security front of mind in the business world. Concerns typically revolve around protecting in-house data across a number of disparate platforms. However, bringing mobility and the cloud together has created new risks for businesses to contend with.

Part of the problem is that companies are still struggling with securing data within their own environments, according to Robert Westervelt, news director at TechTarget. Businesses are only beginning to craft effective policies and still lack technological deployments for securing data on employee-owned devices.

"Adding to the mobile security conundrum are a multitude of cloud environments that are slowing eroding the concept of perimeter away," Westervelt wrote. "In a complex ecosystem with multiple players and service providers, organizations need to begin thinking about it from an access control perspective."

Due to the complex ecosystem of multiple technologies intersecting, it may be too difficult to effectively guard data by focusing on endpoints. Instead, companies can use data-centric encryption to protect their assets before and after a cloud migration.