The Cloud Security Part 1: For Dummies
From an attacker’s perspective, cloud providers aggregate access to many victims’ data into a single point of entry. As the cloud environments become more and more popular, they will increasingly become the focus of attacks. Some organizations think that liability can be outsourced, but no, and I hope that we all understand it cannot. The contract with your cloud vendors basically means nothing, the ISVs or should I say the `SaaS providers` still holds the responsibility, so rather than focusing on contracts and limiting liability in cloud services deals, you should focus on controls and auditability.
“Dropbox, … deceived users about the security ..The FTC complaint charges Dropbox with telling users that their files were totally encrypted” Wired Magazine